Windows 10 RCE: The exploit is in the link ($5000 USD)

We discussed this vulnerability during Episode 107 on 13 December 2021

There is an argument injection within the ms-officemd URI scheme (available by default on WIndows 10 and 11) used by MS Office applications to launch other Office apps. By targeting the MS Teams Electron application one could leverage the --gpu-launcher argument for arbitrary command injection without any hassle.