Microsoft has launched two safety updates for Windows, as a way to deal with the safety points in Windows Codecs library and the Visual Studio Code software. The two updates come after Microsoft launched its month-to-month safety patch final week. This month, Microsoft mounted 87 vulnerabilities in its Windows working system for PCs. Both the brand new vulnerabilities in Windows Codecs library and Visual Studio Code software are ‘distant code execution’ flaws permitting attackers to execute code on impacted techniques remotely.
The Windows Codec library bug has been recognized as CVE-2020-17022. Microsoft has stated that utilizing this bug, the attacker can craft malicious photos that, when processed by an app operating on Windows, can permit an attacker to execute code on an unpatched Windows OS. All Windows 10 variations are impacted with this flaw. Microsoft stated that an replace for the Windows Codec library could be mechanically put in on customers’ computer systems by way of the Microsoft retailer. Only those that have put in the non-compulsory HEVC or “HEVC from Device Manufacturer media codes from the Microsoft Store have been affected. The HEVC is just out there by way of the Microsoft Store, and even the library shouldn’t be supported on Windows Server.
Users can test if they’re utilizing the HEVC code by going to Settings > Apps & Features > HEVC, Advanced Options.