An elevation of privilege vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.To exploit the vulnerability, a user would have to open a specially crafted file.The security update addresses the vulnerability by correcting how Microsoft COM for Windows handles objects in memory.