A really stupid question, but perhaps for that reason I cannot find the answer stated explicitly anywhere: With regard to the threat description used in Windows update documentation, I have always assumed that a "local attacker" is someone actually sitting at my desk. Is this correct? In this case, presumably an "authenticated local attacker" is someone sitting at my desk who has got hold of my password? If the answer to both questions is 'yes' then I guess there is really no point in my installing updates involving a 'local' threat? Incidentally, while trying to find the answer with Google I ended up with a 'captcha' page, apparently to check I wasn't a robot! My machine was sending unusual traffic or something. My numerous searches with slightly different choice of words must have triggered something. Weird and scary!