
Today is Microsoft’s April 2020 Patch Tuesday, and with everything going on, it is going to be particularly stressful for Windows administrators, so be especially nice to them today.

With the release of the April 2020 security updates, Microsoft has released fixes for 113 vulnerabilities in Microsoft products. Of these vulnerabilities, 15 are classified as Critical, 93 as Important, 3 as Moderate, and 2 as Low.

Of particular interest, Microsoft patched three zero-day vulnerabilities, two of which have been seen actively exploited in attacks.

Users should install these security updates as soon as possible to protect Windows from known security risks.

For information about the non-security Windows updates, you can read about today’s Windows 10 KB4549951 & KB4549949 cumulative updates.

Zero-day vulnerabilities fixed in April 2020

Microsoft has stated that two zero-day vulnerabilities have been publicly disclosed and two have been known to be exploited in the wild.

The publicly disclosed vulnerabilities are:

  • CVE-2020-0935 – OneDrive for Windows Elevation of Privilege Vulnerability
  • CVE-2020-1020 – Adobe Font Manager Library Remote Code Execution Vulnerability

The vulnerabilities exploited in the wild are:

  • CVE-2020-0938 – Adobe Font Manager Library Remote Code Execution Vulnerability
  • CVE-2020-1020 – Adobe Font Manager Library Remote Code Execution Vulnerability

Patch released for Adobe Font Manager zero-day vulnerabilities

The two zero-day remote code execution vulnerabilities in the Windows Adobe Font Manager Library were previously announced by Microsoft as they were seen being exploited in limited attacks.

These vulnerabilities are tracked as CVE-2020-0938 and CVE-2020-1020, both titled “Adobe Font Manager Library Remote Code Execution Vulnerability”, and have the following description:

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font – Adobe Type 1 PostScript format.

For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane.

Previously, various workarounds were released, such as disabling preview panes, various services, and registry modifications to reduce the security risks or block attacks.

With this security update installed, these workarounds are no longer necessary, and users who applied them should undo them.