Severity Rating: Important
Revision Note: V1.1 (January 21, 2015): Bulletin revised to correct Server Core installation entries in the Affected Software and Severity Ratings tables. This is an informational change only. Customers who have already successfully installed the update do not have to take any action.
Summary: This security update resolves a privately reported vulnerability in Windows Error Reporting (WER). The vulnerability could allow security feature bypass if successfully exploited by an attacker. An attacker who successfully exploited this vulnerability could gain access to the memory of a running process. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

More...