An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory.
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory.
To learn more about the vulnerabilities, go to the following Common Vulnerabilities and Exposures (CVE).
How to obtain and install the update
Method 1: Windows Update
Method 2: Microsoft Update Catalog
The English (United States) version of this software update installs files that have the attributes that are listed in the following tables. The dates and times for these files are listed in Coordinated Universal Time (UTC). The dates and times for these files on your local computer are displayed in your local time together with your current daylight-saving time (DST) bias. Additionally, the dates and times may change when you perform certain operations on the files.
Windows Server 2008 file information
The MANIFEST files (.manifest) and MUM files (.mum) that are installed are not listed.
Windows Embedded POSReady 2009 and Windows Embedded Standard 2009 file information