News/Info Microsoft pushes fix for two vulnerabilities in the Windows Codecs Library

[emailx45]

Microsoft pushes fix for two vulnerabilities in the Windows Codecs Library
By Abhay Venkatesh @abhay_venkat4 · Jul 1, 2020

Спойлер: Content

[SHOWTOGROUPS=4,20]

Для просмотра ссылки Войди или Зарегистрируйся
Microsoft yesterday pushed out a security update to fix two vulnerabilities in the Windows Codecs Library. The company has served these updates via the Microsoft Store to all supported versions of Windows 10 and Windows Server that have been affected.
The vulnerabilities, tracked under Для просмотра ссылки Войди или Зарегистрируйся and Для просмотра ссылки Войди или Зарегистрируйся are bugs that exist in the Codecs Library that handles objects in memory. When exploited, these flaws let an attacker “execute arbitrary code” or gain further information from the victim machine. Both the security vulnerabilities can be taken advantage of when a specially crafted image file is “processed” by the user’s device, which then allows for an attacker to gain control of the device and perform malicious actions.
Currently, there are no known workarounds or mitigations for these vulnerabilities. Thankfully, the Redmond adds that the flaws are not publicly disclosed and that there are no known exploits in the wild. The firm credits Для просмотра ссылки Войди или Зарегистрируйся for privately disclosing the bugs.
It must be noted that the fix for these known security threats have been deployed via an update to the codecs through the Microsoft Store, and not through Windows Update. The company says that customers do not need to take any specific action to receive the update.

Source: Microsoft (Для просмотра ссылки Войди или Зарегистрируйся)(Для просмотра ссылки Войди или Зарегистрируйся) via Для просмотра ссылки Войди или Зарегистрируйся

[/SHOWTOGROUPS]