Microsoft fixes two RCE flaws affecting Windows 10 machines

Read the original article: Microsoft fixes two RCE flaws affecting Windows 10 machines


Microsoft has released fixes for two remote code execution (RCE) vulnerabilities in the Microsoft Windows Codecs Library on Windows 10 machines. The vulnerabilities Both flaws – CVE-2020-1425 and CVE-2020-1457 – arose because of the way the Microsoft Windows Codecs Library handled objects in memory. CVE-2020-1425 could allow attackers to obtain information to further compromise the user’s system, and CVE-2020-1457 would allow them to execute arbitrary code, all by tricking users into opening an image file. … More

The post Microsoft fixes two RCE flaws affecting Windows 10 machines appeared first on Help Net Security.


Read the original article: Microsoft fixes two RCE flaws affecting Windows 10 machines