Microsoft has silently released two out-of-band security updates through the Windows Store app to address two vulnerabilities in the Windows Codecs Library.
The two issues are remote code execution vulnerabilities tracked as CVE-2020-1425 & CVE-2020-1457 that impact Windows 10 and Windows Server 2019 OSs.
“A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.” reads the security advisory for the CVE-2020-1425 published by Microsoft.
