Sign In

Communications of the ACM

ACM News

Microsoft Releases Emergency Security Update to Fix Two Bugs in Windows Codecs


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook

Microsoft said the bugs were privately reported and they haven't been used in the wild before today's patches.

Credit: ZDNet

Microsoft has published on Tuesday (June 30) two out-of-band security updates to patch two vulnerabilities in the Microsoft Windows Codecs Library.

Tracked as CVE-2020-1425 & CVE-2020-1457, the two bugs only impact Windows 10 and Windows Server 2019 distributions.

In security advisories published today, Microsoft said the two security flaws can be exploited with the help of a specially crafted image file.

If the malformed images are opened inside apps that utilize the built-in Windows Codecs Library to handle multimedia content, then attackers would be allowed to run malicious code on a Windows computer and potentially take over the device.

From ZDNet
View Full Article

 


 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account