Microsoft Patch Tuesday April 2020 fixes 113 vulnerabilities including 3 zero day flaws

Microsoft has fixed 113 security vulnerabilities, including 37 remote code execution and 22 elevation of privilege vulnerabilities. Out of this 113 vulnerabilities, Microsoft has rated 15 to be critical, 93 as important, 3 as moderate and 2 as low. Considering the world is in a crisis, the system administrators must be under a substantial amount of pressure, so please be nice to them. 

Out of the three zero day vulnerabilities, two have been identified for being exploited in the wild. Users and sysadmins are advised to update these fixes to the earliest to keep their network safe and secured.

Three zero-day vulnerabilities that are fixed in Microsoft Patch Tuesday April 2020

CVE-2020-0935 – OneDrive for Windows elevation of privilege.

CVE-2020-1020– Adobe Font Manager Library remote code execution vulnerability

CVE-2020-0938– Adobe Font Manager Library remote code execution vulnerability

The two zero-day vulnerabilities in the Adobe Font Manager Library is a remote code execution flaw, and is found exploited in the wild. This vulnerability allows uniquely crafted multi master font- Adobe Type 1 PostScript format. If an attacker exploits this vulnerability, he code execute code remotely. In Windows 10, the attacker could execute code in an AppContainer with limited privileges. He could then, install programs, modify data or create new user accounts with admin privileges.

The Attacker could specially crafted malicious document or Windows preview pane to exploit this vulnerability.Though number of workaround were defined to mitigate this vulnerability, deploying this patch will fix the vulnerability completely. Users who have deployed those workarounds should undo them and deploy this security patch to fix the vulnerability permanently.

Microsoft Patch Tuesday April 2020 List of 15 critical vulnerabilities

Best way to update your systems with the security patches

Users can use the automated windows updates to download and update the patches, or employ manual updates to verify and update the patches as per convenience. 

Enterprises can employ patch management tools like WSUS, Ivanti, Solarwinds, PatchMyPC, Microsoft Endpoint Manager, SCCM, Atera, ConnectWise Automate and more. These tools will either work with WSUS or independently to automatically scan your network, identify the missing patches, test them in your environment, and deploy them to your target devices. These patch management tools can deploy patches to multiple platforms and third party applications.  

Subscribe to our newsletter for daily alerts on cyber events, you can also follow us on Facebook, Linkedin, Instagram, Twitter and Reddit.