Security News > 2020 > July > Microsoft Releases Emergency Security Updates for Windows 10, Server
Microsoft has quietly pushed out two emergency security updates to fix remote code execution bugs in Microsoft Windows Codecs Library.
The out-of-band updates, addressing a critical-severity flaw and important-severity vulnerability, were sent out via Windows Update Tuesday night and affect several versions of Windows 10 and Windows Server 2019.
Both vulnerabilities allow for remote code execution "In the way that Microsoft Windows Codecs Library handles objects in memory," according to the updates.
Microsoft included a complete list of the Windows 10 and Windows Server distributions affected in its advisories, which offered little in terms of specific detail on the flaws.
It's not completely uncommon for Microsoft to release updates outside of the second Tuesday of every month, also known as "Patch Tuesday." However, typically the company does so in response to vulnerabilities uncovered by third-party security researchers-including from rivals such as Google - that are found to be under attack.
News URL
https://threatpost.com/microsoft-releases-emergency-security-updates-for-windows-10-server/157055/
Related news
- Windows 10 KB5041580 update released with 14 fixes, security updates (source)
- Windows Server August updates fix Microsoft 365 Defender issue (source)
- Microsoft: August updates cause Windows Server boot issues, freezes (source)
- Windows 10 KB5043064 update released with 6 fixes, security updates (source)
- Microsoft fixes Windows Server performance issues from August updates (source)
- Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack (source)
- Windows Server 2025 previews security updates without restarts (source)
- Microsoft ends development of Windows Server Update Services (WSUS) (source)
- Bad apps bypass Windows security alerts for six years using newly unveiled trick (source)
- Microsoft: Windows 11 22H2 reaches end of support in 60 days (source)