Patch Tuesday fixes three zero-days in Windows 10 plus 15 critical flaws

Posted on Wednesday, April 15 2020 @ 14:24 CEST by Thomas De Maesschalck
If you have the latest version of Windows (or the one before that), this month's dose of Microsoft's Patch Tuesday is delivered via KB4549951. Besides security updates, this patch also fixes some non-security bugs:
  • Addresses an issue that prevents certain apps from installing if they are published using a Group Policy Object.

  • Addresses an issue that prevents a wired network interface from obtaining a new Dynamic Host Configuration Protocol (DHCP) IP address on new subnets and virtual LANs (VLAN) after wired 802.1x re-authentication. The issue occurs if you use VLANs that are based on accounts and a VLAN change occurs after a user signs in.

  • Security updates to the Microsoft Scripting Engine, Windows App Platform and Frameworks, Windows Cloud Infrastructure, Windows Virtualization, Microsoft Graphics Component, Windows Kernel, Windows Media, Windows Shell, Windows Management, Windows Fundamentals, Windows Virtualization, Windows Storage and Filesystems, Windows Update Stack, and the Microsoft JET Database Engine.

Moving on to the security part, this month's Patch Tuesday resolves a whopping 113 vulnerabilities in Microsoft software. This includes three zero-day vulnerabilities, of which two are actively exploited by cybercriminals, as well as 15 critical vulnerabilities, 93 with an important rating, two deemed moderate, and two marked as low severity.

The two zero-day remote code execution vulnerabilities in the Windows Adobe Font Manager Library were previously announced by Microsoft as they were seen being exploited in limited attacks.

These vulnerabilities are known as CVE-2020-0938 and CVE-2020-1020 "Adobe Font Manager Library Remote Code Execution Vulnerability" and have the following description:

    A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.

    For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

    There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane.
As usual, users are advised to update ASAP.

