Forum Discussion
Microsoft Windows Codecs Library Vulnerability showing up on scan, even after updating the apps.
Did you ever find a fix for this? We have the same issue and even removed the old version only to find out it still shows as vulnerable. It might be picking it up in user profiles which makes it more difficult to remove.
Kurt Carpenter Ditto. Looks like a reference to the old version is lingering in wmi, which is our problem since the detection logic in our case is querying wmi. I'm waiting on a fix from MS. More broadly, we can't update raw image file, VP9, HEIF, extensions... since we don't use MS Store.
arneb3 did you ever get a solution to this? Our Qualys scans are still bringing up Windows Store Apps (eg codecs) that we can't update. Is there a way to remove them from WMI?
QulaysUser In addition to pushing latest versions via sccm, we had to deploy a removal package via sccm (powershell scripted repeating loops because multiple old versions on some machines). It was painstaking...
Hi Kurt Carpenter , what worked for me was to completely uninstall the package using Powershell and then reinstall it from Microsoft Store. I don't need the app, but that solved the problem. The same thing happened with a variety of other codecs. I don't think the uninstall from Programs and Features is a completely clean one, so Powershell was the way to go. Unfortunately, in all my cases there was only a single profile per machine so I don't know if it's installed in each user profile.
What might be an easier way to deal with this is winget. This page has a good breakdown on how to use it, whether for targeted apps or just an overall update.
https://pureinfotech.com/update-apps-winget-windows-11/
I hope this helps!
