QID 91820

Date Published: 2021-09-15

QID 91820: Microsoft MPEG-2 Video Extension Remote Code Execution (RCE) Vulnerability

A remote code execution vulnerability exists in the way that Microsoft MPEG-2 Video extensions handles objects in memory.

Affected Product:
MPEG-2 Video Extension before version 1.0.42152.0

QID detection Logic:
The gets the version of HMPEG2VideoExtension by querying wmi class Win32_InstalledStoreProgram.

An attacker who successfully exploited this vulnerability can compromise confidentiality, integrity and availability of the system

  • CVSS V3 rated as High - 7.8 severity.
  • CVSS V2 rated as Medium - 4.6 severity.
  • Solution
    Users are advised to check CVE-2021-38644 for more information.

    CVEs related to QID 91820

    Software Advisories
    Advisory ID Software Component Link
    CVE-2021-38644 URL Logo msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38644