The security bulletin describes an attackers ability to use a "malformed object" to cause a memory corruption allowing them to gain access to the system as that user. Without going into the importance of only doing general computer activities such as web surfing, reading email and performing office task as a limited user again users need to install this update. The attacker assumes the users permissions and can operate as such.

This update is available for download using the Microsoft Update tool in office. The flaw affects both Windows and Macintosh platforms. This flaw has been in the wild since February 2009 and is active across both platforms.