acm-header
Sign In

Communications of the ACM

ACM News

Microsoft Releases Emergency Security Update to Fix Two Bugs in Windows Codecs


View as: Print Mobile App Share:

Microsoft said the bugs were privately reported and they haven't been used in the wild before today's patches.

Credit: ZDNet

Microsoft has published on Tuesday (June 30) two out-of-band security updates to patch two vulnerabilities in the Microsoft Windows Codecs Library.

Tracked as CVE-2020-1425 & CVE-2020-1457, the two bugs only impact Windows 10 and Windows Server 2019 distributions.

In security advisories published today, Microsoft said the two security flaws can be exploited with the help of a specially crafted image file.

If the malformed images are opened inside apps that utilize the built-in Windows Codecs Library to handle multimedia content, then attackers would be allowed to run malicious code on a Windows computer and potentially take over the device.

From ZDNet
View Full Article

 


 

No entries found