Patch Tuesday, April 2020

Change theme to light Patch Tuesday, April 2020

April 14, 2020 3 Minute Read by Karl Sigler

April's Patch Tuesday is here and Microsoft is patching 113 CVEs this month. Eighteen of these are rated "Critical", 94 rated as "Important", and one rated "Moderate". The highest-profile vulnerability patched today is in the Adobe and OpenType font drivers (CVE-2020-1020 and CVE-2020-0938 respectively). These vulnerabilities were detected after being exploited as a part of a limited zero-day campaign. Among the other "Critical" vulnerabilities are Remote Code Execution (RCE) vulnerabilities in SharePoint, Dynamics, and Hyper-V.

SharePoint and Hyper-V also pop up on the list of vulnerabilities on the list rated "Important". There are also over a dozen privilege escalation vulnerabilities in the Windows kernel and various operating system components. A rarity for Patch Tuesday are patches for Apple Mac based vulnerabilities but two separate privilege escalation vulnerabilities are patched today for the Microsoft Remote Desktop (CVE-2020-0919) and RMS Sharing Apps (CVE-2020-1019) for Mac.

Make sure you wash your hands before and after patching and stay safe!

Critical

Adobe Font Manager Library Remote Code Execution Vulnerability
CVE-2020-1020
Remote Code Execution

Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2020-0969
Remote Code Execution

Dynamics Business Central Remote Code Execution Vulnerability
CVE-2020-1022
Remote Code Execution

Media Foundation Memory Corruption Vulnerability
CVE-2020-0948, CVE-2020-0949, CVE-2020-0950
Remote Code Execution

Microsoft Graphics Components Remote Code Execution Vulnerability
CVE-2020-0907, CVE-2020-0687
Remote Code Execution

Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2020-0929, CVE-2020-0931, CVE-2020-0932, CVE-2020-0974
Information Disclosure

Microsoft Windows Codecs Library Remote Code Execution Vulnerability
CVE-2020-0965
Remote Code Execution

OpenType Font Parsing Remote Code Execution Vulnerability
CVE-2020-0938
Remote Code Execution

Scripting Engine Memory Corruption Vulnerability
CVE-2020-0968, CVE-2020-0970
Remote Code Execution

VBScript Remote Code Execution Vulnerability
CVE-2020-0967
Remote Code Execution

Windows Hyper-V Remote Code Execution Vulnerability
CVE-2020-0910
Remote Code Execution

Important

Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
CVE-2020-0942, CVE-2020-0944, CVE-2020-1029
Elevation of Privilege

DirectX Elevation of Privilege Vulnerability
CVE-2020-0784, CVE-2020-0888
Elevation of Privilege

GDI+ Remote Code Execution Vulnerability
CVE-2020-0964
Remote Code Execution

Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994, CVE-2020-0995, CVE-2020-0999, CVE-2020-1008
Remote Code Execution

Media Foundation Information Disclosure Vulnerability
CVE-2020-0937, CVE-2020-0939, CVE-2020-0945, CVE-2020-0946, CVE-2020-0947
Information Disclosure

Microsoft (MAU) Office Elevation of Privilege Vulnerability
CVE-2020-0984
Elevation of Privilege

Microsoft Defender Elevation of Privilege Vulnerability
CVE-2020-1002
Elevation of Privilege

Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
CVE-2020-1049, CVE-2020-1050
Spoofing

Microsoft Dynamics Business Central/NAV Information Disclosure
CVE-2020-1018
Information Disclosure

Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-0906, CVE-2020-0979
Remote Code Execution

Microsoft Graphics Component Information Disclosure Vulnerability
CVE-2020-0982, CVE-2020-0987, CVE-2020-1005
Information Disclosure

Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
CVE-2020-0961
Remote Code Execution

Microsoft Office Remote Code Execution Vulnerability
CVE-2020-0760, CVE-2020-0991
Remote Code Execution

Microsoft Office SharePoint XSS Vulnerability
CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0926, CVE-2020-0927, CVE-2020-0930, CVE-2020-0933, CVE-2020-0973, CVE-2020-0978
Spoofing

Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability
CVE-2020-0919
Elevation of Privilege

Microsoft RMS Sharing App for Mac Elevation of Privilege Vulnerability
CVE-2020-1019
Security Feature Bypass

Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2020-0920, CVE-2020-0971
Remote Code Execution

Microsoft SharePoint Spoofing Vulnerability
CVE-2020-0972, CVE-2020-0975, CVE-2020-0976, CVE-2020-0977
Spoofing

Microsoft Visual Studio Elevation of Privilege Vulnerability
CVE-2020-0899
Elevation of Privilege

Microsoft Windows Update Client Elevation of Privilege Vulnerability
CVE-2020-1014
Elevation of Privilege

Microsoft Word Remote Code Execution Vulnerability
CVE-2020-0980
Remote Code Execution

Microsoft YourPhone Application for Android Authentication Bypass Vulnerability
CVE-2020-0943
Security Feature Bypass

MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability
CVE-2020-1026
Information Disclosure

OneDrive for Windows Elevation of Privilege Vulnerability
CVE-2020-0935
Elevation of Privilege

VBScript Remote Code Execution Vulnerability
CVE-2020-0966
Remote Code Execution

Visual Studio Extension Installer Service Elevation of Privilege Vulnerability
CVE-2020-0900
Elevation of Privilege

Win32k Elevation of Privilege Vulnerability
CVE-2020-0956, CVE-2020-0957, CVE-2020-0958
Elevation of Privilege

Win32k Information Disclosure Vulnerability
CVE-2020-0699, CVE-2020-0962
Information Disclosure

Windows Defender Antimalware Platform Hard Link Elevation of Privilege Vulnerability
CVE-2020-0835
Elevation of Privilege

Windows Denial of Service Vulnerability
CVE-2020-0794
Denial of Service

Windows DNS Denial of Service Vulnerability
CVE-2020-0993
Denial of Service

Windows Elevation of Privilege Vulnerability
CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1011, CVE-2020-1015
Elevation of Privilege

Windows GDI Information Disclosure Vulnerability
CVE-2020-0952
Information Disclosure

Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2020-1004
Elevation of Privilege

Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2020-0917, CVE-2020-0918
Elevation of Privilege

Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-0913, CVE-2020-1000, CVE-2020-1003, CVE-2020-1027
Elevation of Privilege

Windows Kernel Information Disclosure in CPU Memory Access
CVE-2020-0955
Information Disclosure

Windows Kernel Information Disclosure Vulnerability
CVE-2020-0821, CVE-2020-1007
Information Disclosure

Windows Push Notification Service Elevation of Privilege Vulnerability
CVE-2020-0940, CVE-2020-1001, CVE-2020-1006, CVE-2020-1017, CVE-2020-1016
Information Disclosure

Windows Scheduled Task Elevation of Privilege Vulnerability
CVE-2020-0936
Elevation of Privilege

Windows Token Security Feature Bypass Vulnerability
CVE-2020-0981
Security Feature Bypass

Windows Update Stack Elevation of Privilege Vulnerability
CVE-2020-0985, CVE-2020-0996
Elevation of Privilege

Windows VBScript Engine Remote Code Execution Vulnerability
CVE-2020-0895
Remote Code Execution

Windows Work Folder Service Elevation of Privilege Vulnerability
CVE-2020-1094
Elevation of Privilege

Moderate

Microsoft Office SharePoint XSS Vulnerability
CVE-2020-0954
Spoofing

Stay Informed:

RESEARCH REPORT

Facebook Malvertising Epidemic – Unraveling a Persistent Threat: SYS01

RESEARCH REPORT

2024 Professional Services Threat Intelligence Brief

About the Author

Karl Sigler is Security Research Manager, SpiderLabs Threat Intelligence at Trustwave. Karl is a 20- year infosec veteran responsible for research and analysis of current vulnerabilities, malware and threat trends at Trustwave. Follow Karl on LinkedIn.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Latest Intelligence

2024 Trustwave Risk Radar Report: Cyber Threats to the Retail Sector

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails

How Threat Actors Conduct Election Interference Operations: An Overview

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo

Experiencing a security breach?

Experiencing a security breach?

Patch Tuesday, April 2020

About the Author

ABOUT TRUSTWAVE

Latest Intelligence

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Stay Informed

Sign up to receive the latest security news and trends straight to your inbox from Trustwave.

Experiencing a security breach?

Experiencing a security breach?

Patch Tuesday, April 2020

About the Author

ABOUT TRUSTWAVE

Latest Intelligence

Related Offerings

Discover how our specialists can tailor a security program to fit the needs of your organization.

Stay Informed

Sign up to receive the latest security news and trends straight to your inbox from Trustwave.

Discover how our specialists can tailor a security program to fit the needs of
your organization.