Microsoft released the monthly patch Tuesday for April and this time it comes with a 100-plus batch of security updates which includes three currently exploited vulnerabilities.
This month had 113 vulnerabilities across 11 products. Of these vulnerabilities, 15 are classified as Critical, 93 as Important, 3 as Moderate, and 2 as Low.
The three vulnerabilities which are exploited in the wild include CVE-2020-1020, CVE-2020-0938, and CVE-2020-1027.
The vulnerability CVE-2020-1020 resides in the Windows Adobe Type Manager Library that permits an attacker to run code on vulnerable systems. The attacks can be executed remotely and it does not impact Windows 10.
The vulnerability CVE-2020-0938 is also found in Windows Adobe Type Manager Library which is similar to the other flaw, but its existence was disclosed only today.
CVE-2020-1027 is a bug in the Windows kernel that allows attackers to elevate privileges to run code with kernel access.
Microsoft stated that these three vulnerabilities were discovered and reported by Google’s two security teams — Project Zero and the Threat Analysis Group (TAG).
All the users are highly recommended to install these security updates as soon as possible to protect Windows from known security risks.