MSRC confirmed the issue, fixed it, and pushed the fix automatically to everyone with the software.
Please note that the directories and user are hardcoded, so you need to change/sync them with the hardcoded info in the exploit.
poc.mp4
The exploit code is heavily inspired by Wh04m1001's implementation in his EoPs over the years, and by ZDI's PoC.