An information disclosure vulnerability exists when the Windows Remote Procedure Call (RPC) runtime improperly initializes objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the userβs system.
To exploit this vulnerability, an authenticated attacker could run a specially crafted application.
The update addresses the vulnerability by correcting how the Remote Procedure Call runtime initializes objects in memory.