Skip to main content

Urgent Windows 10 update plugs newfound security holes

Microsoft rolls out emergency Windows 10 security fix
Microsoft Windows 10 updates (Image credit: SOPA Images / Contributor)

Windows 10 users are now receiving an out-of-band emergency software security update. As Forbes reports, Microsoft confirms the update is necessary to address a security flaw.

According to Microsoft's published security update notes on June 30, two vulnerabilities were discovered by Trend Micro's Zero Day Initiative vulnerability analysis manager, Abdul-Aziz Hariri.

The discovery arrives days ahead of Microsoft's monthly Patch Tuesday update. Microsoft's decision to not wait for the next scheduled security update indicates just how consequential the vulnerabilities are. 

Windows 10 users are now receiving an out-of-band emergency software security update. As Forbes reports, Microsoft confirms the update is necessary to address a security flaw.

According to Microsoft's published security update notes on June 30, two vulnerabilities were discovered by Trend Micro's Zero Day Initiative vulnerability analysis manager, Abdul-Aziz Hariri.

The discovery arrives days ahead of Microsoft's monthly Patch Tuesday update. Microsoft's decision to not wait for the next scheduled security update indicates just how consequential the vulnerabilities are. 

This discovery arrives days ahead of Microsoft's monthly Patch Tuesday update. Microsoft's decision to not wait for the next scheduled security update indicates just how consequential the vulnerabilities are.

If left open, the security flaws within the Windows Codecs Library could result in a breach in Windows 10 or the Windows Server system. "A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory," Microsoft wrote.

Attackers would be able to exploit said vulnerabilities using a maliciously crafted image file.

Windows 10 users fear not. Microsoft's emergency security update will be installed automatically via the Microsoft Store. "Customers do not need to take any action to receive the update," Microsoft said.

You can manually check for the Windows update by opening the Microsoft Store from your taskbar or from the search box. Launch the app and select "Downloads and updates" from the drop down menu and select "Get updates".

Microsoft's notes state that only users who installed the optional HEVC or "HEVC from Device Manufacturer '' media codecs from Microsoft Store may be vulnerable.

The tech giant is no stranger to rolling out emergency security patches. Last year, Microsoft released an emergency Windows patch to fix a serious flaw in its now replaced Internet Explorer browser.

Hilda Scott

Hilda Scott uses her combined passion for gadgets and bargain shopping to bring you the best prices on all things tech. She has a bachelor’s degree in film and media studies from Hunter College and 11 years of tech and entertainment journalism. Her work has been featured on Tom’s Guide, iTechPost, Examiner.com, Parlemag, Enstars, and Latin Times. When she's not scouting for the best deals, Hilda’s catching up on her favorite TV shows and pro-wrestling matches.