Technical Information

Brief overview of the risk:
This security update resolves two privately reported vulnerabilities in Microsoft Office. The most severe vulnerability could allow remote code execution if a user opens an Office file that is located in the same network directory as a specially crafted library file. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user.
Detailed Information on the risk:

A remote code execution vulnerability exists in the way that affected Microsoft Office software handles the loading of dynamic-link library (.dll) files. An attacker who successfully exploited this vulnerability could take complete control of an affected system.

Further information on this exploit is available at : MS14-023