A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code.To exploit the vulnerability, an attacker would have to convince a user to open either a specially crafted file or a program from either a webpage or an email message.The update addresses the vulnerability by correcting how Windows OLE validates user input.