Back in July I wrote about two weird Microsoft Store patches for a couple of security holes in the HEVC codecs, which are programs that Microsoft crea
[See the full post at: Another HEVC codec bug fixed via the Microsoft Store – plus a couple of updates on this month’s mayhem]
![]() |
There are isolated problems with current patches, but they are well-known and documented on this site. |
SIGN IN | Not a member? | REGISTER | PLUS MEMBERSHIP |
-
Another HEVC codec bug fixed via the Microsoft Store – plus a couple of updates on this month’s mayhem
Home » Forums » Newsletter and Homepage topics » Another HEVC codec bug fixed via the Microsoft Store – plus a couple of updates on this month’s mayhem
- This topic has 6 replies, 5 voices, and was last updated 4 years, 7 months ago.
AuthorTopicwoody
ManagerOctober 15, 2020 at 10:58 pm #2304640Viewing 2 reply threadsAuthorReplies-
Alex5723
AskWoody PlusOctober 16, 2020 at 12:59 am #2304646Microsoft updates :
* CVE-2020-16898
– CVE-2020-16898 | Windows TCP/IP Remote Code Execution Vulnerability
– https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-16898– Version: 1.1
– Reason for Revision: The following changes have been made to further clarify the
information for this vulnerability: 1) Added FAQ and Mitigation sections 2) Added
Impact of Workaround to the Workaround section 3) Corrected the CVSS score to 8.8
4) Corrected the Exploitability Index from “1 – Exploitation More Likely” to
“2 – Exploitation Less Likely”. These are informational changes only.
– Originally October 13, 2020
– Updated: October 15, 2020
– Aggregate CVE Severity Rating: Critical-
This reply was modified 4 years, 7 months ago by
Alex5723.
1 user thanked author for this post.
-
This reply was modified 4 years, 7 months ago by
-
anonymous
GuestOctober 16, 2020 at 2:03 am #2304644So unless you’ve specifically downloaded the Microsoft codec, you don’t need to worry about it – but be aware that this one is also coming through Windows Update.
Like last time; this update is via Microsoft Store, not Windows Update:
Why are these security updates offered to affected clients via the Microsoft Store and not Windows Update?
These updates are for optional apps/components that are offered to customers as a download via the Microsoft Store. Updates for optional store apps/components are provided via the Microsoft Store.
CVE-2020-17022 | Microsoft Windows Codecs Library Remote Code Execution Vulnerability FAQBut also like last time, “Get updates” in Microsoft Store produced nothing for me. So I used this store link again which did download/install the correct update:
https://www.microsoft.com/en-us/p/hevc-video-extensions-from-device-manufacturer/9n4wgh0z6vhq
1 user thanked author for this post.
-
woody
ManagerOctober 16, 2020 at 6:22 am #2304701Like last time; this update is via Microsoft Store, not Windows Update
You’re absolutely right. I changed the main post.
-
WCHS
AskWoody PlusOctober 16, 2020 at 11:04 pm #2304880But also like last time, “Get updates” in Microsoft Store produced nothing for me. So I used this store link again which did download/install the correct update: ….
On one of my Windows 10 devices, version 1909, I have the app HEVC Video Extensions for Device Manufacturer v 1.0.32022.0 showing in Apps and Features, installed 08/07/2020. For me, also, right now “Get updates” in Microsoft Store produced nothing. I also did a search for “HEVC Video Extensions from Device Manufacturer” and nothing came up.
Then, I went to the link and it said “HEVC Video Extensions from Device Manufacturer is currently not available”.
What gives here, anyway??
-
WCHS
AskWoody PlusOctober 16, 2020 at 11:31 pm #2304885For me, also, right now “Get updates” in Microsoft Store produced nothing. I also did a search for “HEVC Video Extensions from Device Manufacturer” and nothing came up
I just now signed into my MS account and clicked “Get updates.” HEVC Video Extensions from Device Manufacturer then downloaded–v 1.0.32762.0
-
-
-
Microfix
AskWoody MVP
Viewing 2 reply threads -

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments.
Get Plus!
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 11, Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.
Search Newsletters
Search Forums
View the Forum
Search for Topics
Recent Topics
-
Office gets current release
by
Susan Bradley
45 minutes ago -
FBI: Still Using One of These Old Routers? It’s Vulnerable to Hackers
by
Alex5723
2 hours, 22 minutes ago -
Windows AI Local Only no NPU required!
by
RetiredGeek
1 hour, 18 minutes ago -
Stop the OneDrive defaults
by
CWBillow
3 hours, 11 minutes ago -
Windows 11 Insider Preview build 27868 released to Canary
by
joep517
13 hours, 7 minutes ago -
X Suspends Encrypted DMs
by
Alex5723
15 hours, 19 minutes ago -
WSJ : My Robot and Me AI generated movie
by
Alex5723
15 hours, 37 minutes ago -
Botnet hacks 9,000+ ASUS routers to add persistent SSH backdoor
by
Alex5723
16 hours, 14 minutes ago -
OpenAI model sabotages shutdown code
by
Cybertooth
16 hours, 51 minutes ago -
Backup and access old e-mails after company e-mail address is terminated
by
M W Leijendekker
5 hours, 1 minute ago -
Enabling Secureboot
by
ITguy
12 hours, 1 minute ago -
Windows hosting exposes additional bugs
by
Susan Bradley
1 day ago -
No more rounded corners??
by
CWBillow
20 hours, 34 minutes ago -
Android 15 and IPV6
by
Win7and10
10 hours, 19 minutes ago -
KB5058405 might fail to install with recovery error 0xc0000098 in ACPI.sys
by
Susan Bradley
1 day, 13 hours ago -
T-Mobile’s T-Life App has a “Screen Recording Tool” Turned on
by
Alex5723
1 day, 15 hours ago -
Windows 11 Insider Preview Build 26100.4202 (24H2) released to Release Preview
by
joep517
1 day, 10 hours ago -
Windows Update orchestration platform to update all software
by
Alex5723
1 day, 23 hours ago -
May preview updates
by
Susan Bradley
1 day, 10 hours ago -
Microsoft releases KB5061977 Windows 11 24H2, Server 2025 emergency out of band
by
Alex5723
1 day, 2 hours ago -
Just got this pop-up page while browsing
by
Alex5723
1 day, 15 hours ago -
KB5058379 / KB 5061768 Failures
by
crown
1 day, 12 hours ago -
Windows 10 23H2 Good to Update to ?
by
jkitc
14 hours, 34 minutes ago -
At last – installation of 24H2
by
Botswana12
2 days, 14 hours ago -
MS-DEFCON 4: As good as it gets
by
Susan Bradley
11 hours, 21 minutes ago -
RyTuneX optimize Windows 10/11 tool
by
Alex5723
3 days, 2 hours ago -
Can I just update from Win11 22H2 to 23H2?
by
Dave Easley
1 day, 1 hour ago -
Limited account permission error related to Windows Update
by
gtd12345
3 days, 16 hours ago -
Another test post
by
gtd12345
3 days, 16 hours ago -
Connect to someone else computer
by
wadeer
3 days, 10 hours ago
Recent blog posts
Key Links
Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.
Mastodon profile for DefConPatch
Mastodon profile for AskWoody
Home • About • FAQ • Posts & Privacy • Forums • My Account
Register • Free Newsletter • Plus Membership • Gift Certificates • MS-DEFCON Alerts
Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.