An information disclosure vulnerability exists when the Telephony Service improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a users system.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The update addresses the vulnerability by correcting how the Telephony Service handles objects in memory.