Microsoft Windows Codecs Library Vulnerability showing up on scan, even after updating the apps.

New Contributor

Hello Tech Community,

 

I hope I'm posting this in the right place. I need help with some vulnerability issues. This is happening for a few things, and I'm at a loss as to what to do next. This example is the Qualys QID 91866 Microsoft Windows Codecs Library HEVC Video and VP9 Extensions Remote Code Execution (RCE) Vulnerability for February 2022.

I have updated all the relevant codecs, checked their current versions in PowerShell and confirmed with the CVE that they are up to date, but the VM keeps retrieving this in its scan. The only place I can find older version remnants is the registry, and I don't particularly want to go in and remove a bunch of keys. I'm also not able uninstall the codecs or the other apps this issue keeps happening on. 

 

In this case, the scan shows 

Microsoft vulnerable Microsoft.VP9VideoExtensions detected 
Version     '1.0.13333.0' 

 Installed version is 1.0.42351.0 . 

 

This is also happening with the Office App and Photos App. Any ideas as to how best to remediate?

 

Thanks for the help!

 

-OrestisO

 

2 Replies

@OrestisO 

 

Did you ever find a fix for this?  We have the same issue and even removed the old version only to find out it still shows as vulnerable.  It might be picking it up in user profiles which makes it more difficult to remove.

Hi @Kurt Carpenter , what worked for me was to completely uninstall the package using Powershell and then reinstall it from Microsoft Store. I don't need the app, but that solved the problem. The same thing happened with a variety of other codecs. I don't think the uninstall from Programs and Features is a completely clean one, so Powershell was the way to go. Unfortunately, in all my cases there was only a single profile per machine so I don't know if it's installed in each user profile. 

 

What might be an easier way to deal with this is winget. This page has a good breakdown on how to use it, whether for targeted apps or just an overall update. 

 

https://pureinfotech.com/update-apps-winget-windows-11/

 

I hope this helps!

www.000webhost.com