Microsoft finds code execution (BadAlloc) vulnerabilities in IoT and OT devices