This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to a target system and runs a specially crafted application. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Malicious attacks have consistently been launched on weak points in the supply chain. Like all attacks, these will evolve into more advanced forms. Software development, with multiple phases that could be placed at risk, is particularly vulnerable.