Microsoft Issues Patches for 4 Bugs Exploited as Zero-Day in the Wild

Windows Update

It’s April 2020 Patch Tuesday, and during these challenging times of coronavirus pandemic, this month’s patch management process would not go easy for many organizations where most of the resources are working remotely.

Microsoft today released the latest batch of software security updates for all supported versions of its Windows operating systems and other products that patch a total of 113 new security vulnerabilities, 17 of which are critical and 96 rated important in severity.

Patches for 4 Zero-Days Exploited In the Wild

Most importantly, two of the security flaws have been reported as being publicly known at the time of release, and the four are being actively exploited in the wild by hackers.

One of the publicly disclosed flaws, which was also exploited as zero-day, resides in the Adobe Font Manager Library used by Windows, the existence of which Microsoft revealed last month within an early security warning for its millions of users.

Tracked as CVE-2020-1020, the remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font – Adobe Type 1 PostScript format.

As…

http://feedproxy.google.com/~r/TheHackersNews/~3/bg2ykW6lfZA/windows-patch-update.html

Leave a Reply