One Day Sec

What are the different CLSIDs used for DCOM lateral movement and which Windows versions support them?

Three primary CLSIDs exist: `9BA05972-F6A8-11CF-A442-00A0C90A8F39` (works on Win7 to Win10), `C08AFD90-F2A1-11D1-8455-00A0C91F3880` (works on Win10/Server2012 R2, not Win7), and the `MMC20.Application` ProgID (cross-platform). Attackers invoke these via `[Type]::GetTypeFromCLSID()` and use `ShellExecute` to run commands. These techniques complement other lateral movement methods like Domain Penetration - Remote Execution via Scripts in GPO and Domain Penetration - Remote Execution via Scheduled Tasks in GPO.
Tags: CLSID, DCOM, ShellExecute, Windows versions, lateral movement
