Technical Information

Brief overview of the risk:

A Remote Code Execution vulnerability in HEVC video extension. An attacker can exploit this vulnerability by tricking the victim to open a specially crafted image file would crash Explorer during browsing of the directory containing the file or result in Remote Code Execution on the victim’s machine. An attacker who successfully exploited the vulnerability could execute arbitrary code on the host machine in the context of the logged on user.

Further information on this vulnerability is available at : CVE-2022-21917