MS.Windows.MF.H265.Stream.Parsing.Memory.Corruption
Description
This indicates an attack attempt to exploit a Memory Corruption Vulnerability in Microsoft Windows.
The vulnerability is due to improper validation of H265 media files. A remote attacker could exploit the vulnerability by enticing a victim user to open a maliciously crafted media file or open the folder containing the file. Successful exploitation could possibly allow the attacker to execute arbitrary code under the security context of the currently logged on user.
Affected Products
Microsoft Windows 10
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16915
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |