#microsoft

**Is the Preview Pane an attack vector for this vulnerability?** No, the Preview Pane is not an attack vector.

**How do I get the updated app?** The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details. It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers. **My system is in a disconnected environment; is it vulnerable?** Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations. **How can I check if the update is installed?** If your device manufacturer preinstalled this app, package versions **2.0.23022.0** and later contain this update. If you purchased this app from the Microsoft Store, package versions **2.0.23022.0** and later contain this update. You can check the package version in PowerShell: `Get-AppxPackage -Name Microsoft.HEVCVideoExtension*`

**What version of Microsoft Defender for IoT has the update that protects from this vulnerability?** Version 10.5.2 and above. **What is the action required to take the update?** You need to update to the latest Microsoft Defender for IoT software version. See the **Update the software version section** of Manage the on-premises management console. **What is Microsoft Defender for IoT?** Microsoft Defender for IoT is a unified security solution for identifying IoT/OT devices, vulnerabilities, and threats. It enables you to secure your entire IoT/OT environment, whether you need to protect existing IoT/OT devices or build security into new IoT innovations. See Microsoft Defender for IoT for more information.

**What version of Microsoft Defender for IoT has the update that protects from this vulnerability?** Version 10.5.2 and above. **What is the action required to take the update?** You need to update to the latest Microsoft Defender for IoT software version. See the **Update the software version section** of Manage the on-premises management console. **What is Microsoft Defender for IoT?** Microsoft Defender for IoT is a unified security solution for identifying IoT/OT devices, vulnerabilities, and threats. It enables you to secure your entire IoT/OT environment, whether you need to protect existing IoT/OT devices or build security into new IoT innovations. See Microsoft Defender for IoT for more information.

**What version of Microsoft Defender for IoT has the update that protects from this vulnerability?** Version 10.5.2 and above. **What is the action required to take the update?** You need to update to the latest Microsoft Defender for IoT software version. See the **Update the software version section** of Manage the on-premises management console. **What is Microsoft Defender for IoT?** Microsoft Defender for IoT is a unified security solution for identifying IoT/OT devices, vulnerabilities, and threats. It enables you to secure your entire IoT/OT environment, whether you need to protect existing IoT/OT devices or build security into new IoT innovations. See Microsoft Defender for IoT for more information.

**What version of Microsoft Defender for IoT has the update that protects from this vulnerability?** Version 10.5.2 and above. **What is the action required to take the update?** You need to update to the latest Microsoft Defender for IoT software version. See the **Update the software version section** of Manage the on-premises management console. **What is Microsoft Defender for IoT?** Microsoft Defender for IoT is a unified security solution for identifying IoT/OT devices, vulnerabilities, and threats. It enables you to secure your entire IoT/OT environment, whether you need to protect existing IoT/OT devices or build security into new IoT innovations. See Microsoft Defender for IoT for more information.

**What version of Microsoft Defender for IoT has the update that protects from this vulnerability?** Version 10.5.2 and above. **What is the action required to take the update?** You need to update to the latest Microsoft Defender for IoT software version. See the **Update the software version section** of Manage the on-premises management console. **What is Microsoft Defender for IoT?** Microsoft Defender for IoT is a unified security solution for identifying IoT/OT devices, vulnerabilities, and threats. It enables you to secure your entire IoT/OT environment, whether you need to protect existing IoT/OT devices or build security into new IoT innovations. See Microsoft Defender for IoT for more information.

**What version of Microsoft Defender for IoT has the update that protects from this vulnerability?** Version 10.5.2 and above. **What is the action required to take the update?** You need to update to the latest Microsoft Defender for IoT software version. See the **Update the software version section** of Manage the on-premises management console. **What is Microsoft Defender for IoT?** Microsoft Defender for IoT is a unified security solution for identifying IoT/OT devices, vulnerabilities, and threats. It enables you to secure your entire IoT/OT environment, whether you need to protect existing IoT/OT devices or build security into new IoT innovations. See Microsoft Defender for IoT for more information.

**How do I get the updated app?** The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details. It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers. **My system is in a disconnected environment; is it vulnerable?** Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations. **How can I check if the update is installed?** If your device manufacturer preinstalled this app, package versions **2.0.23022.0** and later contain this update. If you purchased this app from the Microsoft Store, package versions **2.0.23022.0** and later contain this update. You can check the package version in PowerShell: `Get-AppxPackage -Name Microsoft.HEVCVideoExtension*`

**How do I get the updated app?** The Microsoft Store will automatically update affected customers. Alternatively, customers can get the update immediately; see here for details. It is possible for customers to disable automatic updates for the Microsoft Store. The Microsoft Store will not automatically install this update for those customers. **My system is in a disconnected environment; is it vulnerable?** Customers using the Microsoft Store for Business and Microsoft Store for Education can get this update through their organizations. **How can I check if the update is installed?** If your device manufacturer preinstalled this app, package versions **2.0.23022.0** and later contain this update. If you purchased this app from the Microsoft Store, package versions **2.0.23022.0** and later contain this update. You can check the package version in PowerShell: `Get-AppxPackage -Name Microsoft.HEVCVideoExtension*`