An elevation of privilege vulnerability exists in Windows 10 Update Assistant in the way it handles permissions.
A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Windows 10 Update Assistant
Please see vendor’s advisory for the list of patches and more details