Security News > 2020 > October > Microsoft Fixes RCE Flaws in Out-of-Band Windows Update
One flaw exists in Microsoft's Visual Studio Code is a free source-code editor made by Microsoft for Windows, Linux and macOS. The other is in the Microsoft Windows Codecs Library; the codecs module provides stream and file interfaces for transcoding data in Windows programs.
According to Microsoft, one "Important" severity flaw stems from the way that Microsoft Windows Codecs Library handles objects in memory.
"The update addresses the vulnerability by correcting how Microsoft Windows Codecs Library handles objects in memory," according to Microsoft.
"Affected customers will be automatically updated by Microsoft Store," according to Microsoft.
The fixes come days after Microsoft's October Patch Tuesday updates, during which it released fixes for 87 security vulnerabilities, 11 of them critical - and one potentially wormable.
News URL
https://threatpost.com/microsoft-rce-flaws-windows-update/160244/
Related news
- Microsoft fixes Windows KB5043145 reboot loops, USB and Bluetooth issues (source)
- What Is Inside Microsoft’s Major Windows 11 Update? (source)
- Microsoft warns of Windows 11 24H2 gaming performance issues (source)
- Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues (source)
- Microsoft Office 2024 now available for Windows and macOS users (source)
- Microsoft fixes Remote Desktop issues caused by Windows Server update (source)
- Microsoft: Windows 11 22H2 Home and Pro reached end of servicing (source)
- Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server (source)
- Microsoft blocks Windows 11 24H2 on two ASUS models due to crashes (source)
- Microsoft SharePoint RCE flaw exploits in the wild – you've had 3 months to patch (source)