The cause of the vulnerability is found in the Microsoft JET Database Engine, which allows threat actors to perform an out-of-bounds write. If exploited, this vulnerability could allow an unauthenticated attacker to perform remote code execution on vulnerable systems. A vulnerability affecting all versions of Windows was publicly released on September 20 th.