Media Foundation is a COM-based multimedia framework on most versions of Microsoft Windows that assists with many audio and video operations. An attacker must convince the user to open a specially crafted QuickTime file to trigger this vulnerability. Microsoft disclosed and patched this bug as part of their monthly security update Tuesday. The vulnerability exists in the CQTMetadataKeysAtom GetKeyForIndex functionality of Microsoft Corporation Microsoft Corporation. Microsoft Media Foundation, version 10.0.18362.476 and Windows Media Player, version 12.0362.449 are affected by the vulnerability.”]
Source: https://blog.talosintelligence.com/2020/04/vuln-spotlight-microsoft-media-foundation-april-2020.html