Security
Headlines
HeadlinesLatestCVEs

Tag

#Microsoft MPEG-2 Video Extension

CVE-2021-38644: Microsoft MPEG-2 Video Extension Remote Code Execution Vulnerability

*Is Windows vulnerable in the default configuration?* No. Only customers who have installed this app from the Microsoft Store may be vulnerable. *How do I get the updated app?* The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details. It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers. *My system is in a disconnected environment; is it vulnerable?* Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations. *How can I check if the update is installed?* App package versions *1.0.42152.0* and later contain this update. You can check the package version in PowerShell: Get-AppxPackage -Name Microsoft.MPEG2VideoExtension

Microsoft Security Response Center
#Microsoft MPEG-2 Video Extension#Security Vulnerability#vulnerability#windows#microsoft