Microsoft has launched two out-of-band fixes for Windows Codecs library and Visual Studio Code to handle Remote Code Execution vulnerabilities in each platforms.
The Windows bug concerned the HEVC Windows Codecs library and impacts all variations of Windows.
Detailed in CVE-2020-17022, Microsoft says attackers can craft malicious pictures that, when processed by an app working on high of Windows, can permit the attacker to execute code on an unpatched Windows OS.
Only those that put in the elective HEVC or “HEVC from Device Manufacturer” media codecs from Microsoft Store are affected and Microsoft is distributing the patch straight
Source hyperlink