On October 16th, Microsoft released “out-of-band” (OOB) security updates to address vulnerabilities affecting Windows Codecs Library and Visual Studio Code.

https://redmondmag.com/articles/2020/10/19/microsoft-patches-window-codec.aspx

https://us-cert.cisa.gov/ncas/current-activity/2020/10/16/microsoft-releases-security-updates-address-remote-code-execution

Microsoft issued two “out-of-band” security updates late last week.  The two security bulletins were released outside Microsoft’s usual “update Tuesday” security patch-release cycle. Microsoft’s October security bundle had arrived on Oct. 13 (the second Tuesday of the month).  CISA encourages users and administrators to review the Microsoft security advisories for CVE-2020-17022 and CVE-2020-17023 and apply the necessary updates.