Severity Rating: HIGH
Software Affected
· Windows 10 Version 1709 for 32-bit Systems and x64-based Systems
· Windows 10 Version 1709 for ARM64-based Systems
· Windows 10 Version 1803 for 32-bit Systems and x64-based Systems
· Windows 10 Version 1803 for ARM64-based Systems
· Windows 10 Version 1809 for 32-bit Systems and x64-based Systems
· Windows 10 Version 1809 for ARM64-based Systems
· Windows 10 Version 1903 for 32-bit Systems and x64-based Systems
· Windows 10 Version 1903 for ARM64-based Systems
· Windows 10 Version 1909 for 32-bit Systems and x64-based Systems
· Windows 10 Version 1909 for ARM64-based Systems
· Windows 10 Version 2004 for 32-bit Systems and x64-based Systems
· Windows 10 Version 2004 for ARM64-based Systems
Overview
Multiple vulnerabilities have been reported in Microsoft Windows which
could allow a remote attacker to execute arbitrary code on a targeted
system.
Description
These vulnerabilities exist in Microsoft Windows Codecs Library due to
improper handling of objects in memory. A remote attacker could exploit
this vulnerability by convincing the user to open a specially crafted image
file on an affected system.
Successful exploitation of these vulnerabilities could allow the attacker
to execute arbitrary code on the targeted system.
Solution
The affected systems are being updated automatically via Microsoft Store.
To receive the update immediately, users can check for updates with the
Microsoft Store App. For further information, refer to the FAQ sections at:
Vendor Information
Microsoft
References
ESET WeLiveSecurity
https://www.welivesecurity.com/2020/07/01/microsoft-releases-emergency-update-two-serious-windows-flaws/
CyberSecurityHelp
CVE Name
CVE-2020-1425
CVE-2020-1457
About Cert Advisory
We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.