This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow security feature bypass if a user opens a specially crafted file. In all cases, however, an attacker would have no way to force users to open the specially crafted file; an attacker would have to convince users to open the file, typically by way of an enticement in an email or Instant Messenger message.