Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. An attacker can trick a local user on a vulnerable system into mounting a specially crafted VHD that would then trigger the vulnerability. This vulnerability could also be exploited through a physical attack vector. An attacker with physical access to a vulnerable system could insert a specially crafted USB device into the machine.