Microsoft releases emergency update.

Windows Articles

How To Install and Configure Master BIND DNS Server On Ubuntu 20.04

Today we are going to learn that how to install and configure Master BIND DNS server on Ubuntu 20.04. As you all know that...

Diskpart is a very useful tool for managing storage in Windows 10.

Hello! Diskpart is an internal tool included in Windows systems that allows you to manage storage units. Indeed, it is possible to manage internal...

How To Install MySQL 8.0 On Ubuntu 20.04

Today we are going to learn that how to Install MySQL 8.0 on Ubuntu 20.04. MySQL is one of the most popular and commonly...

How to Update to MIUI 12 via Fastboot

Greetings friends. The new version of the Android-based operating system MIUI 12 released this year, is still being deployed with some devices missing. On...

How to use modprobe command?

The modprobe command is a Linux administration system created for management, visualization, inclusion and exclusion. From loadable modules to kernel. Also, the Module is...
Mel Khamlichi
Mel Khamlichihttp://www.osradar.com
Founder of Osradar, from Amsterdam Netherlands

Microsoft releases emergency update.

Security is one of the fundamental issues for Microsoft in Windows 10. In fact, since it was launched, the company has changed its upgrade methods. In fact, previously security updates were released on the second Tuesday of every month. Recently, important security updates will be released as soon as they are available. In this opportunity, Microsoft releases updates for Windows 10 and Visual Studio. The aim is to mitigate two serious vulnerabilities. In addition, this update comes after the most recent update for insiders. It puts an end to 87 vulnerabilities present in the operating system. Well, read on to see why Microsoft releases an emergency update for Windows 10 and Visual Studio.

The latest security hole in Windows 10 is caused by the HEVC codec.

The first error is listed as CVE-2020-17022, and affects all versions of Windows 10. Microsoft indicates that attackers can use image files. Consequently, when opened by a Windows app, attackers can execute malicious code remotely. Specifically, it affects images that use the HEVC codec. This update will not arrive through Windows Update. On the contrary, it will be done through the Microsoft Store. The store will update the device manufacturer’s HEVC application. Therefore, only those using this codec are affected. As this is a Store application, Windows Server editions are not affected.

To check if the system is affected, you must follow the following path:Windows Settings>Apps>HEVC >Advanced Options. Once there, please check if you have versions 1.0.32762.0, 1.0.32763.0 and later. These are the patched versions. If not, please hurry to update the system.

Malicious code execution in Visual Studio

The second major vulnerability, named CVE-2020-17023, is in Visual Studio. The company indicates that attackers can introduce malicious code into the package.json files. Consequently, when loaded into Visual Studio, they can execute this code to infect the computer with any type of malware. Depending on the user permissions, the attacker code can be executed with administrator permissions. Consequently, you have complete control over the infected computer. Package.json files are especially used in JavaScript projects and libraries. On the other hand, this language and its Node.js server technology are among the most popular technologies today.

Finally, we see how the attackers refine their security threats. For that reason, Microsoft releases an emergency update for Windows 10 and Visual Studio. Once again, the key is the common sense and intelligence of the user. That is, the system should certainly protect from any attack. However, most of the damages are caused by the user’s negligence. That’s why, when using Windows you must follow elementary security rules. For example, downloads should be made from official sites. In addition, depending on the needs of use, Windows Defender can be complemented with a good antivirus. All right, that’s it for today. If you want to know the latest in computer security, keep an eye on our updates. See you soon!

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How To Install and Configure Master BIND DNS Server On Ubuntu 20.04

Today we are going to learn that how to install and configure Master BIND DNS server on Ubuntu 20.04. As you all know that...

Diskpart is a very useful tool for managing storage in Windows 10.

Hello! Diskpart is an internal tool included in Windows systems that allows you to manage storage units. Indeed, it is possible to manage internal...

How To Install MySQL 8.0 On Ubuntu 20.04

Today we are going to learn that how to Install MySQL 8.0 on Ubuntu 20.04. MySQL is one of the most popular and commonly...

How to Update to MIUI 12 via Fastboot

Greetings friends. The new version of the Android-based operating system MIUI 12 released this year, is still being deployed with some devices missing. On...

How to use modprobe command?

The modprobe command is a Linux administration system created for management, visualization, inclusion and exclusion. From loadable modules to kernel. Also, the Module is...
x