Microsoft has published its Patch Tuesday update for April, which fixes 113 vulnerabilities across 11 different Microsoft products.
Among these vulnerabilities are three zero-day bugs that are being exploited in the wild on Windows computers.
These three zero-day vulnerabilities are as follows:
This vulnerability exists in the Windows Adobe Type Manager Library where an attacker can execute code on the target system remotely.
On Windows 10 systems, however, the attacker can only execute code in an AppContainer sandbox context with limited privileges and capabilities.
Even so, this allows the attacker to install programs; view, change, or delete data; or create new accounts with full user rights.
The vulnerability can be exploited in a variety of ways, such as convincing a target to open a malicious document.
This bug is almost identical to the first one. It resides in the same library and also allows remote code execution on non-Windows 10 systems.
Likewise, on Windows 10, code can be executed with limited privileges in an AppContainer sandbox, from which the malicious party can perform various actions to attack the target’s device.
Microsoft published mitigation measures last month that can be applied to both CVE-2020-1020 and CVE-2020-0938 to block these attacks.
The final exploit active in the wild allows an attacker to execute code with elevated permissions.
This is caused by the way the Windows Kernel handles objects in memory.
To exploit this flaw, attackers need to run a specially crafted application.
The April 2020 Patch Tuesday update also delivers other security updates across the following Microsoft software products:
- Microsoft Windows
- Microsoft Edge (EdgeHTML-based)
- Microsoft Edge (Chromium-based)
- Internet Explorer
- Microsoft Office and Microsoft Office Services and Web Apps
- Windows Defender
- Visual Studio
- Microsoft Dynamics
- Microsoft Apps for Android
- Microsoft Apps for Mac
Users running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates.