According to the Debricked vulnerability database, CVE-2024-49071 the issue arose because Windows Defender created a “search index of private or sensitive documents,” but it did not “properly limit index access to actors who are authorized to see the original information.”
So this a remote vulnerability, but no execution just information access? The CVE and Microsoft are not clear about it (or I am bad at reading).