Wait...
"Minimal interaction with a malicious file by a user such as selecting (single-click), inspecting (right-click), or performing an action other than opening or executing could trigger this vulnerability,"
I cannot select it to delete it without triggering the vulnerability? OK, I use the command line and powershell (and prefer Linux anyway, but at work you got what you get) daily, no problem in principle, but I consider this really bad news. Not the same level as a remote exploit, but still...
And why would that code already be executed when just selecting the file? Just.... Why?