An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.An attacker could exploit this vulnerability by running a specially crafted application on the victim system.The update addresses the vulnerability by correcting the way the Windows State Repository Service handles objects in memory.