The update involves iCloud Keychain and the IOSurface framework (for sharing graphics surfaces between applications).

From the security update release note page:

iCloud Keychain:
Available for: OS X Yosemite v10.10.2
Impact: An attacker with a privileged network position may be able to execute arbitrary code
Description: Multiple buffer overflows existed in the handling of data during iCloud Keychain recovery. These issues were addressed through improved bounds checking.

And:

IOSurface:
Available for: OS X Yosemite v10.10.2
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A type confusion issue existed in IOSurface’s handling of serialized objects. The issue was addressed through additional type checking.