Microsoft has just released its monthly security updates known as Patches Tuesday.
This month's updates are a big release, as they contain updates that fix 113 vulnerabilities in 11 products, along with four 0days already being exploited by malicious users.
As always, the details remain minimal at this time. The details of the 0day Attacks are not announced for days or even weeks, to give the company time for users to repair their systems.
The four 0days fixed this month are:
CVE-2020-1020 - A vulnerability in the Windows Adobe Type Manager Library allows an attacker to run malicious code on vulnerable systems. Attacks can be carried out remotely. 0day does not affect Windows 10. Details of this vulnerability were posted last month, but the update was released today. .
CVE-2020-0938 - The second error in the same Windows Library. Bug somewhat similar to the above, but its existence was revealed today, unlike the first one.
CVE-2020-1027 – A bug in the Windows kernel allows attackers to gain privileges to execute code with access in the core.
CVE-2020-0968 - An error in the Internet Explorer scripting engine could allow intruders to gain control of a remote system.
According to Microsoft, the first three 0days were discovered and reported by Google's two security teams – Project Zero και the Threat Analysis Group (TAG).
In today's Patch Tuesday, in addition to the four 0days, it fixes 109 other security vulnerabilities.
The official portal of the Microsoft Update Update Guide (Security Update Guide portal ) lists all security updates in a filterable panel.
ZDNet has collected all the updates on a board.