Shulou(Shulou.com)06/01 Report--

This article is to share with you about the Microsoft Windows codec library remote execution of CVE-2020-1457Universe 1425 loophole is how, the editor feels very practical, so share with you to learn, I hope you can get something after reading this article, say no more, follow the editor to have a look.

0x00 vulnerability background

July 01, 2020, 360CERT Monitoring found that Microsoft officially issued a risk notice for a vulnerability in remote code execution of the Microsoft Windows codec library, numbered CVE-2020-1457 and CVE-2020-1425, with a level of vulnerability: medium danger.

Microsoft Windows is a set of operating system developed by Microsoft, and Windows Codecs Library is one of the audio and video file codecs.

A remote code execution vulnerability exists in the way the Microsoft Windows codec library handles objects in memory, which can be exploited by attackers to execute arbitrary code with the help of specially crafted image files.

In this regard, 360CERT recommends that the majority of users timely install the latest patches, do a good job of asset self-examination and prevention work, so as to avoid hacker attacks.

0x01 risk rating

360CERT's assessment of the vulnerability is as follows

Assessment methods, threat levels, medium risk impact surfaces, general 0x02 vulnerability details

A remote code execution vulnerability exists in the way the Microsoft Windows codec library handles objects in memory, which can be exploited by attackers to execute arbitrary code with the help of specially crafted image files.

This vulnerability only affects the Windows10 operating system; it does not affect Windows Server.

Users who download HEVC or vendor-specific HEVC from the App Store will be affected by this vulnerability.

The HEVC component is not available for offline environments; users in offline environments are not affected by this vulnerability.

Commercial Windows10 receives updates from Windows Store in the same way as regular Windows10.

Microsoft has not yet released a regular patch for this vulnerability and currently can only get updates from the Windows store.

0x03 affects version

Windows 10 Version 1709 for 32-bit Systems

Windows 10 Version 1709 for ARM64-based Systems

Windows 10 Version 1709 for x64-based Systems

Windows 10 Version 1803 for 32-bit Systems

Windows 10 Version 1803 for ARM64-based Systems

Windows 10 Version 1803 for x64-based Systems

Windows 10 Version 1809 for 32-bit Systems

Windows 10 Version 1809 for ARM64-based Systems

Windows 10 Version 1809 for x64-based Systems

Windows 10 Version 1903 for 32-bit Systems

Windows 10 Version 1903 for ARM64-based Systems

Windows 10 Version 1903 for x64-based Systems

Windows 10 Version 1909 for 32-bit Systems

Windows 10 Version 1909 for ARM64-based Systems

Windows 10 Version 1909 for x64-based Systems

Windows 10 Version 2004 for 32-bit Systems

Windows 10 Version 2004 for ARM64-based Systems

Windows 10 Version 2004 for x64-based Systems

0x04 repair recommendations General patching recommendations:

Users can check for updates through Microsoft Store App.

This is how the Microsoft Windows codec library remotely executes the CVE-2020-1457A1425 vulnerability. The editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.