Microsoft has released its April 2020 Patch Tuesday security updates, its first big patch update released since the work-from-home era truly got underway. This month sees the tech giant disclosing 113 vulnerabilities. Out of these, 19 are rated as critical, and 94 are rated as important. Crucially, four of the vulnerabilities are being exploited in the wild; and two of them were previously publicly disclosed.
Patch Tuesdays like this are a great reminder of how important strong IT practices are to information security. With at least four of them being exploited in the wild, if you don\’t apply these patches you\’re leaving your security team in the tough position of trying to mitigate the risk in other ways.
Sadly, patch management remains very difficult for many organizations. We continue to see the EternalBlue SMB exploit be used successfully by attackers three years after a patch was released.
Our chief security officer, Keith McCammon, coined the phrase \”better security through better IT\” and this is a perfect example.
This month’s Patch Tuesday is another considerable release, with Microsoft fixing 113 vulnerabilities, 19 of them rated as critical and 94 rated as important. Three of these vulnerabilities were exploited in the wild.
Microsoft released a patch for CVE-2020-1020, a remote code execution vulnerability in the Adobe Font Manager Library that was first made public on March 23, when Microsoft published an advisory detailing its in-the-wild exploitation. Microsoft also patched CVE-2020-0938, another remote code execution vulnerability in Adobe Font Manager Library that was also exploited in the wild. Though both affect Adobe Font Manager Library, there is currently no confirmation that the two are related to the same set of in-the-wild attacks. \”To exploit these flaws, an attacker would need to socially engineer a user into opening a malicious document or viewing the document in the Windows Preview pane.
Additionally, Microsoft patched CVE-2020-0968, a memory corruption vulnerability in Internet Explorer. This flaw exists due to the improper handling of objects in memory by the scripting engine. There are multiple scenarios in which this vulnerability could be exploited. The primary way would be to socially engineer a user into visiting a website containing the malicious code, whether owned by the attacker, or a compromised website with the malicious code injected into it. An attacker could also socially engineer the user into opening a malicious Microsoft Office document that embeds the malicious code.