This security update resolves a vulnerability in Microsoft Expression Design which could allow remote code execution if a user opens a legitimate file located in the same network directory as a specially crafted dynamic link library (DLL) file.