Vulnerabilities

Microsoft fixes two RCE flaws affecting Windows 10 machines

Issued by: Help Net Security

Advertisement


Microsoft has released fixes for two remote code execution (RCE) vulnerabilities in the Microsoft Windows Codecs Library on Windows 10 machines.

The vulnerabilities

Both flaws – CVE-2020-1425 and CVE-2020-1457 – arose because of the way the Microsoft Windows Codecs Library handled objects in memory.

CVE-2020-1425 could allow attackers to obtain information to further compromise the user’s system, and CVE-2020-1457 would allow them to execute arbitrary code, all by tricking users into opening an image file.

Source
You might also like
Vulnerabilities

CPRA hints at the future of cybersecurity and privacy

Vulnerabilities

Apple issues security updates for macOS, iDevices

Vulnerabilities

Most consumers worry about cybercrime, but are not aware of what can be done about it

Vulnerabilities

Microsoft: China Flaw Disclosure Law Part of Zero-Day Exploit Surge

Advertisement