This security update addresses a vulnerability in Microsoft Silverlight that could allow elevation of privilege if a specially crafted Silverlight application is run on an affected system. An attacker would first have to log on to the system or convince a logged on user to execute the specially crafted application to be able to exploit this vulnerability.
Malicious attacks have consistently been launched on weak points in the supply chain. Like all attacks, these will evolve into more advanced forms. Software development, with multiple phases that could be placed at risk, is particularly vulnerable.