Microsoft released an urgent and silent update in late June ahead of schedule to fix two serious security vulnerabilities Affecting hundreds of millions of customers running Windows 10 and Windows Server.
The rush to release the update comes two weeks ahead of the company’s scheduled monthly release on July 14.
Both of these security vulnerabilities are likely to be present in the Windows Codecs Library, a collection of libaries that help Windows operating systems. Open audio and video files. Through this vulnerability, hackers can trick users into downloading video files from the Internet and launching existing videos. Embedded viruses allow them to take complete control of your computer.
Microsoft says the vulnerabilities that run both remote codes are in the way the Windows codec library manages objects in memory. (memory). However, to take advantage of these two disadvantages, the attacker needs to trick the user into clicking on a particular image. Designed to work with any application that uses the Windows Codec Library.
The first vulnerability, called CVE-2020-1425, is very serious because if Windows is successfully attacked, the attacker could Collect data to compromise more vulnerable user systems.
However, Microsoft has released a system update to fix these two issues and update automatically for its customers. Alternatively, you can also update yourself instantly through the Microsoft Store.
Affected Windows operating systems include:
Windows 10 version 1709
Windows 10 version 1803
Windows 10 version 1809
Windows 10 version 1903
Windows 10 version 1909
Windows 10 version 2004
Windows Server 2019
Windows Server version 1803
Windows Server version 1903
Windows Server version 1909
Windows Server version 2004
For more information on these vulnerabilities, click CVE-2020-1425 and CVE-2020-1457 to read more.