Posted on 2021-12-07: https://positive.security/blog/ms-officecmd-rce Image courtesy of{" "} @_mattata . I love the "--disable-gpu-sandbox" and "--gpu-launcher" flags, it makes the exploit seem so simple and yet the engineering decisions and discovery process were likely very complex