Microsoft has just released the monthly security updates known as Patch Tuesday.
This month's updates are a big release, as they contain updates that fix 113 vulnerabilities in 11 products, along with four 0days already exploited by malicious users.
As always, the details remain minimal at this time. The details of the 0day Attacks are not announced for days or even weeks, to give the company time for users to repair their systems.
The four 0days fixed this month are:
CVE-2020-1020 - A vulnerability in the Windows Adobe Type Manager Library allows an attacker to run malicious code on vulnerable systems. Attacks can be carried out remotely. 0day does not affect Windows 10. Details of this vulnerability were posted last month, but the update was released today. .
CVE-2020-0938 - The second error in the same Windows Library. An error somewhat similar to the above, but its existence was revealed today, unlike the first.
CVE-2020-1027 - A Windows kernel error allows intruders to gain permissions to execute code with kernel access.
CVE-2020-0968 - An error in the Internet Explorer scripting engine could allow intruders to gain control of a remote system.
According to Microsoft, the first three 0days were discovered and reported by Google's two security teams - Project Zero and the Threat Analysis Group (TAG).
In today's Patch Tuesday, in addition to the four 0days, it fixes 109 other security vulnerabilities.