The vulnerability addressed in the update could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. According to the Advisory,
"An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system."
An updated MSRT will be included with the Security Updates on May 9. Windows Defender will automatically update or can be manually launched and checked for updates.
Microsoft Security Advisory 4022344