A remote code execution vulnerability exists when the Windows Imaging API improperly handles objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted .WIM file.The update addresses the vulnerability by modifying how the WIM service handles objects in memory.