Skip to Content

How Can You Protect Your Computer from This Dangerous Windows Security Flaw?

By: Author Alex Lim

Posted on

Categories Windows

Home » Microsoft » Windows » How Can You Protect Your Computer from This Dangerous Windows Security Flaw?

A serious security flaw hit Windows 11 24H2 and Windows Server 2025 systems earlier this year. The bug, called CVE-2025-50165, earned a scary score of 9.8 out of 10 for danger level. Think of it like leaving your front door wide open—hackers could sneak in and take over your computer just by getting you to open a picture file.​

What Makes This Bug So Scary?

This flaw lives inside a Windows file called windowscodecs.dll, which helps your computer show pictures. Any program that uses this file becomes a target. Microsoft Office and many other apps rely on it, making millions of computers vulnerable.​

Bad guys can hide harmful code inside a JPEG photo. When you open a document with that photo—like a Word file or PDF—your computer gets infected. You don’t even need to click anything special; just opening the file is enough.​

How Zscaler Found the Problem

Zscaler’s security team discovered this weakness in May 2025 and quickly told Microsoft about it. Their researchers showed how hackers could:​

  1. Create a fake JPEG image with hidden attack code
  2. Stick that image into any file using the windowscodecs.dll library
  3. Wait for someone to open the file
  4. Take complete control of the victim’s system through remote access​

The attack works because the bug involves something called an “uninitialized function pointer”—basically, the computer follows bad directions to the wrong place in memory.​

The Fix Is Already Here

Microsoft fixed this hole on August 12, 2025. They released two updates: KB5063878 and KB5064010. These patches close the door hackers were using to break in.​

The good news? Nobody has seen this attack used in the real world yet. Microsoft says actually pulling off this hack is pretty hard. But that doesn’t mean you should wait to update your computer.​

What You Need to Do

Check your Windows Update right now. Make sure you have the August 2025 patches or any newer ones installed. Windows updates are cumulative, which means newer updates include all the old fixes too.​

If you run Windows 11 24H2 or Windows Server 2025, this matters to you. Don’t put it off—security updates protect you from threats you can’t even see coming.