On October 16th, Microsoft released “out-of-band” (OOB) security updates to address vulnerabilities affecting Windows Codecs Library and Visual Studio Code.



Microsoft issued two “out-of-band” security updates late last week.  The two security bulletins were released outside Microsoft’s usual “update Tuesday” security patch-release cycle. Microsoft’s October security bundle had arrived on Oct. 13 (the second Tuesday of the month).  CISA encourages users and administrators to review the Microsoft security advisories for CVE-2020-17022 and CVE-2020-17023 and apply the necessary updates.