This security update resolves a vulnerability in Microsoft Windows. The vulnerability, which exists in Windows Remote Procedure Call (RPC) authentication, could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application. An attacker who successfully exploited this vulnerability could take complete control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Malicious attacks have consistently been launched on weak points in the supply chain. Like all attacks, these will evolve into more advanced forms. Software development, with multiple phases that could be placed at risk, is particularly vulnerable.