Perhaps this is an example of why few companies develop codecs: https://www.zdnet.com/article/microsoft-releases-emergency-security-update-to-fix-two-bugs-in-windows-codecs/
At least MS has responded promptly to the vulnerability.
Interesting - apparently the vulnerability was in a library responsible for parsing HEIC images with HEVC codec:
https://arstechnica.com/information-technology/2020/07/unscheduled-fixes-for-critical-windows-flaws-delivered-through-rare-channel/
I doubt that many people were affected by this.
While Apple (and Nokia) is pushing or even enforcing HEIC/HEIF, it's not used much (yet) outside Apple's walled garden.
HEIC/HEIF is infested by so many software patents, royalty pitfalls, the MPEG, I don't care much for it. File formats based on long strings of interwoven software patents are never good. By using these, people make themselves vulnerable for lock-in or let others take control over their files. We know that Apple insists on hive to get away with less (thus cheaper) memory in their devices, but for all others, where is the benefit...?
Microsoft patched this bug via the store because the HEIC/HEIF WIC codec is exclusively available via the store.
It is not part of Windows.
Since Microsoft has (AFAIK) to pay royalties to Apple/Nokia/MPEG/... for every user who uses the HEIC/HEIF codec, they don't include it in Windows.
It's a separate (free) download from the store. Only users who need it, install it. This keeps the license fees down for Microsoft.
Again. Who in his right mind would store her/his personal images or videos in a file format for which Apple, Nokia and who knows how many other big players holds patents? And have full control over?
This is exactly the opposite of a free, portable, cross-platform, archival-safe file format. But this is exactly what we should all insist on using.