Microsoft Releases Critical Security Updates
Description: A remote code execution vulnerability exists when the Windows Host Compute Service Shim (hcsshim) library fails to properly validate input while importing a container image. To exploit the vulnerability, an attacker would place malicious code in a specially crafted container image which, if an authenticated administrator imported (pulled), could cause a container management service utilizing the Host Compute Service Shim library to execute malicious code on the Windows host.
Impact: A remote attacker could exploit this vulnerability to take control of an affected system.
Mitigation: Apply an update. Please see the references or vendor advisory for more information.