This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Microsoft Video Control fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. However, an attacker must first convince a user to open either a specially crafted file or a program from either a webpage or an email message.
To learn more about the vulnerability, see Microsoft Security Bulletin MS16-131.
To learn more about the vulnerability, see Microsoft Security Bulletin MS16-131.