Microsoft silently updated Windows 10 to patch 2 serious security holes
On July 1, Microsoft quietly updated Windows 10 to patch two critical security holes that affected hundreds of millions of users. This emergency update was released by Microsoft two weeks ahead of the monthly Patch Tuesday release schedule.
Two newly patched security holes are found in the Windows Codecs Library. They allow hackers to download, install and launch malicious applications. Codec is a collection of support libraries that help Windows play, compress and decompress music and video files.
The code names of the two new vulnerabilities are CVE-2020-1425 and CVE-2020-1456. Hackers can take advantage of these vulnerabilities to execute arbitrary commands and control the compromised computer. According to Microsoft, both vulnerabilities stem from the way the codec library handles objects in memory.
Two serious security holes caused Microsoft to silently release an emergency patchHowever, to exploit both of these vulnerabilities, a hacker will first have to trick the user into clicking on specially created image files. When clicked, these image files will be opened by any application that uses Windows' built-in Codec Library.
In the two vulnerabilities, CVE-2020-1425 is more dangerous because it allows hackers to collect data to cause more damage to victims. CVE-2020-1456 is considered dangerous because it allows hackers to execute arbitrary commands on the hacked Windows computer.
Microsoft said at the time they released the patch, both the vulnerabilities were not publicly disclosed or actively exploited by hackers.
List of affected Windows operating system versions:
- Windows 10 version 1709
- Windows 10 version 1803
- Windows 10 version 1809
- Windows 10 version 1903
- Windows 10 version 1909
- Windows 10 version 2004
- Windows Server 2019
- Windows Server version 1803
- Windows Server version 1903
- Windows Server version 1909
- Windows Server version 2004
Microsoft will automatically update this patch on the affected versions of Windows, without taking any action.
You should read it
- AMD patched a series of security holes in the graphics driver for Windows 10
- Microsoft is preparing to release a series of new security holes
- How to fix BlueKeep security error for Windows 2003, Windows XP, Windows 7, Windows Server 2008
- Microsoft has a group of 'elite' hackers that specialize in attacking Windows to keep the operating system safe
- Microsoft has released a critical update for Windows 10, users need to update now
- McAfee software has a vulnerability that allows hackers to run code with system privileges on Windows
- Microsoft released an updated patch for 25 critical security holes
- Windows 10 1809 and 1909 officially discontinued support
- How to Move on After Windows 7 End of Support
- Google: Dangerous for users when Microsoft does not patch Windows the same way on the OS
- Detect 2 serious security holes in the Zoom application
- Hacker revealed the second Zero-Day, broke Windows' EoP vulnerability patch
Maybe you are interested
Why should you buy a MacBook instead of a Snapdragon X Elite Windows laptop?
How to set up a secure guest account on a Windows computer
How to Enable and Disable Tabs in File Explorer on Windows 11
5 macOS Sequoia Features Not Available on Windows 11
Why does Windows operating system have such a bad reputation?
Quickly fix Unmountable Boot Volume error on Windows 10/11