Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

April's Patch Tuesday is here and Microsoft is patching 113 CVEs this month. Eighteen of these are rated "Critical", 94 rated as "Important", and one rated "Moderate". The highest-profile vulnerability patched today is in the Adobe and OpenType font drivers (CVE-2020-1020 and CVE-2020-0938 respectively). These vulnerabilities were detected after being exploited as a part of a limited zero-day campaign. Among the other "Critical" vulnerabilities are Remote Code Execution (RCE) vulnerabilities in SharePoint, Dynamics, and Hyper-V.

SharePoint and Hyper-V also pop up on the list of vulnerabilities on the list rated "Important". There are also over a dozen privilege escalation vulnerabilities in the Windows kernel and various operating system components. A rarity for Patch Tuesday are patches for Apple Mac based vulnerabilities but two separate privilege escalation vulnerabilities are patched today for the Microsoft Remote Desktop (CVE-2020-0919) and RMS Sharing Apps (CVE-2020-1019) for Mac.

Make sure you wash your hands before and after patching and stay safe!


Critical

Adobe Font Manager Library Remote Code Execution Vulnerability
CVE-2020-1020
Remote Code Execution

Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2020-0969
Remote Code Execution

Dynamics Business Central Remote Code Execution Vulnerability
CVE-2020-1022
Remote Code Execution

Media Foundation Memory Corruption Vulnerability
CVE-2020-0948, CVE-2020-0949, CVE-2020-0950
Remote Code Execution

Microsoft Graphics Components Remote Code Execution Vulnerability
CVE-2020-0907, CVE-2020-0687
Remote Code Execution

Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2020-0929, CVE-2020-0931, CVE-2020-0932, CVE-2020-0974
Information Disclosure

Microsoft Windows Codecs Library Remote Code Execution Vulnerability
CVE-2020-0965
Remote Code Execution

OpenType Font Parsing Remote Code Execution Vulnerability
CVE-2020-0938
Remote Code Execution

Scripting Engine Memory Corruption Vulnerability
CVE-2020-0968, CVE-2020-0970
Remote Code Execution

VBScript Remote Code Execution Vulnerability
CVE-2020-0967
Remote Code Execution

Windows Hyper-V Remote Code Execution Vulnerability
CVE-2020-0910
Remote Code Execution

 

Important

Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
CVE-2020-0942, CVE-2020-0944, CVE-2020-1029
Elevation of Privilege

DirectX Elevation of Privilege Vulnerability
CVE-2020-0784, CVE-2020-0888
Elevation of Privilege

GDI+ Remote Code Execution Vulnerability
CVE-2020-0964
Remote Code Execution

Jet Database Engine Remote Code Execution Vulnerability
CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994, CVE-2020-0995, CVE-2020-0999, CVE-2020-1008
Remote Code Execution

Media Foundation Information Disclosure Vulnerability
CVE-2020-0937, CVE-2020-0939, CVE-2020-0945, CVE-2020-0946, CVE-2020-0947
Information Disclosure

Microsoft (MAU) Office Elevation of Privilege Vulnerability
CVE-2020-0984
Elevation of Privilege

Microsoft Defender Elevation of Privilege Vulnerability
CVE-2020-1002
Elevation of Privilege

Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
CVE-2020-1049, CVE-2020-1050
Spoofing

Microsoft Dynamics Business Central/NAV Information Disclosure
CVE-2020-1018
Information Disclosure

Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-0906, CVE-2020-0979
Remote Code Execution

Microsoft Graphics Component Information Disclosure Vulnerability
CVE-2020-0982, CVE-2020-0987, CVE-2020-1005
Information Disclosure

Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
CVE-2020-0961
Remote Code Execution

Microsoft Office Remote Code Execution Vulnerability
CVE-2020-0760, CVE-2020-0991
Remote Code Execution

Microsoft Office SharePoint XSS Vulnerability
CVE-2020-0923, CVE-2020-0924, CVE-2020-0925, CVE-2020-0926, CVE-2020-0927, CVE-2020-0930, CVE-2020-0933, CVE-2020-0973, CVE-2020-0978
Spoofing

Microsoft Remote Desktop App for Mac Elevation of Privilege Vulnerability
CVE-2020-0919
Elevation of Privilege

Microsoft RMS Sharing App for Mac Elevation of Privilege Vulnerability
CVE-2020-1019
Security Feature Bypass

Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2020-0920, CVE-2020-0971
Remote Code Execution

Microsoft SharePoint Spoofing Vulnerability
CVE-2020-0972, CVE-2020-0975, CVE-2020-0976, CVE-2020-0977
Spoofing

Microsoft Visual Studio Elevation of Privilege Vulnerability
CVE-2020-0899
Elevation of Privilege

Microsoft Windows Update Client Elevation of Privilege Vulnerability
CVE-2020-1014
Elevation of Privilege

Microsoft Word Remote Code Execution Vulnerability
CVE-2020-0980
Remote Code Execution

Microsoft YourPhone Application for Android Authentication Bypass Vulnerability
CVE-2020-0943
Security Feature Bypass

MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability
CVE-2020-1026
Information Disclosure

OneDrive for Windows Elevation of Privilege Vulnerability
CVE-2020-0935
Elevation of Privilege

VBScript Remote Code Execution Vulnerability
CVE-2020-0966
Remote Code Execution

Visual Studio Extension Installer Service Elevation of Privilege Vulnerability
CVE-2020-0900
Elevation of Privilege

Win32k Elevation of Privilege Vulnerability
CVE-2020-0956, CVE-2020-0957, CVE-2020-0958
Elevation of Privilege

Win32k Information Disclosure Vulnerability
CVE-2020-0699, CVE-2020-0962
Information Disclosure

Windows Defender Antimalware Platform Hard Link Elevation of Privilege Vulnerability
CVE-2020-0835
Elevation of Privilege

Windows Denial of Service Vulnerability
CVE-2020-0794
Denial of Service

Windows DNS Denial of Service Vulnerability
CVE-2020-0993
Denial of Service

Windows Elevation of Privilege Vulnerability
CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1011, CVE-2020-1015
Elevation of Privilege

Windows GDI Information Disclosure Vulnerability
CVE-2020-0952
Information Disclosure

Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2020-1004
Elevation of Privilege

Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2020-0917, CVE-2020-0918
Elevation of Privilege

Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-0913, CVE-2020-1000, CVE-2020-1003, CVE-2020-1027
Elevation of Privilege

Windows Kernel Information Disclosure in CPU Memory Access
CVE-2020-0955
Information Disclosure

Windows Kernel Information Disclosure Vulnerability
CVE-2020-0821, CVE-2020-1007
Information Disclosure

Windows Push Notification Service Elevation of Privilege Vulnerability
CVE-2020-0940, CVE-2020-1001, CVE-2020-1006, CVE-2020-1017, CVE-2020-1016
Information Disclosure

Windows Scheduled Task Elevation of Privilege Vulnerability
CVE-2020-0936
Elevation of Privilege

Windows Token Security Feature Bypass Vulnerability
CVE-2020-0981
Security Feature Bypass

Windows Update Stack Elevation of Privilege Vulnerability
CVE-2020-0985, CVE-2020-0996
Elevation of Privilege

Windows VBScript Engine Remote Code Execution Vulnerability
CVE-2020-0895
Remote Code Execution

Windows Work Folder Service Elevation of Privilege Vulnerability
CVE-2020-1094
Elevation of Privilege

 

Moderate

Microsoft Office SharePoint XSS Vulnerability
CVE-2020-0954
Spoofing

About the Author

Karl Sigler is Security Research Manager, SpiderLabs Threat Intelligence at Trustwave. Karl is a 20-year infosec veteran responsible for research and analysis of current vulnerabilities, malware and threat trends at Trustwave. Follow Karl on LinkedIn.

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Latest Intelligence

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo