Gatekeeper would misclassify certain types of applications allowing them to run without any restriction. Specifically you can cause a confusion in the policy engine regarding whether the app is bundled or not...
Heap overflow in Windows Defender (mpengine.dll).Overflow happens while unpacking an ASProtect packed executable...
**tl;dr** Uses a known docker breakout to escape into the wrapping VM, then by replacing a logfile with a symlink you could post to locations on the host machine.