Results 1 to 8 of 8

Thread: Microsoft releases urgent updates for Windows 10 codecs

  1. #1
    HEXUS.admin
    Join Date
    Apr 2005
    Posts
    30,085
    Thanks
    0
    Thanked
    1,940 times in 681 posts

    Microsoft releases urgent updates for Windows 10 codecs

    Remote code execution security vulnerabilities exploitable via specially crafted image files.
    Read more.

  2. #2
    Senior Member
    Join Date
    Dec 2013
    Posts
    3,090
    Thanks
    430
    Thanked
    390 times in 268 posts

    Re: Microsoft releases urgent updates for Windows 10 codecs

    Microsoft has chosen to deploy updates to the Windows Codecs Library through the Windows Store app
    The Store app that's not installed with Windows server if IRC.

  3. #3
    Long member
    Join Date
    Apr 2008
    Posts
    1,896
    Thanks
    63
    Thanked
    325 times in 230 posts
    • philehidiot's system
      • Motherboard:
      • Father's bored
      • CPU:
      • Cockroach brain V0.1
      • Memory:
      • Innebriated, unwritten
      • Storage:
      • Big Yellow Self Storage
      • Graphics card(s):
      • Semi chewed Crayola Mega Pack
      • PSU:
      • 20KW single phase direct grid supply
      • Case:
      • Closed, Open, Cold
      • Operating System:
      • Cockroach
      • Monitor(s):
      • The mental health nurses
      • Internet:
      • Please.

    Re: Microsoft releases urgent updates for Windows 10 codecs

    I find it amusing and amazing how people can find zero days like this using an image file.

  4. #4
    Registered+
    Join Date
    Feb 2005
    Location
    Ipswich
    Posts
    56
    Thanks
    0
    Thanked
    2 times in 2 posts

    Re: Microsoft releases urgent updates for Windows 10 codecs

    Quote Originally Posted by philehidiot View Post
    I find it amusing and amazing how people can find zero days like this using an image file.
    That's is the very reason. People just think it's not possible and write insecure code, and then some clever so and so finds it.

    Theoretically all data is just information in memory space so an image could contain data that represents CPU instructions and then if there is a vulnerability in the code that reads the image it could lead to a remote code execution. The expectation is of course loading an image file is not dangerous, where loading anything you don't have control over into RAM is potentially dangerous.

  5. #5
    Now 100% Apple free cheesemp's Avatar
    Join Date
    Apr 2007
    Location
    Near the New forest
    Posts
    2,483
    Thanks
    213
    Thanked
    170 times in 115 posts
    • cheesemp's system
      • Motherboard:
      • Gigabyte Z77-D3H
      • CPU:
      • Intel i5 3570k @ 4.2
      • Memory:
      • 16gb Crucial Ballastix Elite DDR3 @1866
      • Storage:
      • 64Gb M4 + 240Gb arc100 + 500Gb TcSunbow SDD (for games only) 1x500Gb HDD
      • Graphics card(s):
      • RX 480 8Gb Nitro+ OC (with auto OC to above 580 speeds!)
      • PSU:
      • Antec 650W Semi modular
      • Case:
      • NZXT Source S340 Mid Tower
      • Operating System:
      • Win 10
      • Monitor(s):
      • 32" QHD AOC Q3279VWF
      • Internet:
      • FTTC ~30Mb

    Re: Microsoft releases urgent updates for Windows 10 codecs

    I've looked for this update but it's not showing on my domain controlled machine (In fact little from the store is showing as installed). I hope they are rolling it out as a generic patch too.
    Trust

    Laptop : Lenovo G505s A8-5550m 8Gb 240Gb SSD Radeon HD 8550G + Radeon HD 8570M dual graphics

  6. #6
    Long member
    Join Date
    Apr 2008
    Posts
    1,896
    Thanks
    63
    Thanked
    325 times in 230 posts
    • philehidiot's system
      • Motherboard:
      • Father's bored
      • CPU:
      • Cockroach brain V0.1
      • Memory:
      • Innebriated, unwritten
      • Storage:
      • Big Yellow Self Storage
      • Graphics card(s):
      • Semi chewed Crayola Mega Pack
      • PSU:
      • 20KW single phase direct grid supply
      • Case:
      • Closed, Open, Cold
      • Operating System:
      • Cockroach
      • Monitor(s):
      • The mental health nurses
      • Internet:
      • Please.

    Re: Microsoft releases urgent updates for Windows 10 codecs

    Quote Originally Posted by cheesemp View Post
    I've looked for this update but it's not showing on my domain controlled machine (In fact little from the store is showing as installed). I hope they are rolling it out as a generic patch too.
    They are, you can get it by downloading this image file:

    http://www.don'tclickmeyou........

  7. #7
    Registered+
    Join Date
    Feb 2005
    Location
    Ipswich
    Posts
    56
    Thanks
    0
    Thanked
    2 times in 2 posts

    Re: Microsoft releases urgent updates for Windows 10 codecs

    Quote Originally Posted by cheesemp View Post
    I've looked for this update but it's not showing on my domain controlled machine (In fact little from the store is showing as installed). I hope they are rolling it out as a generic patch too.
    It's on the Windows Store as HEIF Image Extensions. Quite a few places block access to that though, but Microsoft never considers that.

  8. #8
    Now 100% Apple free cheesemp's Avatar
    Join Date
    Apr 2007
    Location
    Near the New forest
    Posts
    2,483
    Thanks
    213
    Thanked
    170 times in 115 posts
    • cheesemp's system
      • Motherboard:
      • Gigabyte Z77-D3H
      • CPU:
      • Intel i5 3570k @ 4.2
      • Memory:
      • 16gb Crucial Ballastix Elite DDR3 @1866
      • Storage:
      • 64Gb M4 + 240Gb arc100 + 500Gb TcSunbow SDD (for games only) 1x500Gb HDD
      • Graphics card(s):
      • RX 480 8Gb Nitro+ OC (with auto OC to above 580 speeds!)
      • PSU:
      • Antec 650W Semi modular
      • Case:
      • NZXT Source S340 Mid Tower
      • Operating System:
      • Win 10
      • Monitor(s):
      • 32" QHD AOC Q3279VWF
      • Internet:
      • FTTC ~30Mb

    Re: Microsoft releases urgent updates for Windows 10 codecs

    Quote Originally Posted by Lorcaran View Post
    It's on the Windows Store as HEIF Image Extensions. Quite a few places block access to that though, but Microsoft never considers that.
    So Microsoft are only offering me the ARM version for my work PC, then refusing to install it as its not compatible. Guess it's been blocked by IT...

    @phileidiot - thanks but no thanks!
    Trust

    Laptop : Lenovo G505s A8-5550m 8Gb 240Gb SSD Radeon HD 8550G + Radeon HD 8570M dual graphics

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •