The patches fix two separate RCE bugs in Windows Codecs that allow hackers to exploit playback of multimedia files.

Microsoft has quietly pushed out two emergency security updates to fix remote code execution bugs in Microsoft Windows Codecs Library.

Windows Codecs Library handles how the OS compresses large multimedia files such as photos and videos, and then decodes them for playback within applications. The out-of-band updates, addressing a critical-severity flaw (CVE-2020-1425) and an important-severity vulnerability (CVE-2020-1457), were sent out via Windows Update on Tuesday night and affect several versions of Windows 10 and Windows Server 2019.

Both vulnerabilities allow for remote code execution “in the way that Microsoft Windows Codecs Library handles objects in memory,” according to the updates.
