Microsoft just released the monthly security updates which are known as Patch Tuesday.
This month's updates are a big release, as they contain updates that fix 113 vulnerabilities in 11 products, along with four 0days already exploited by malicious users.
As always, the details remain minimal at this time. The details of the 0day attacks are not announced for days or even weeks, to give the company time for users to patch their systems.
The four 0days fixed this month are:
CVE-2020-1020 - A vulnerability in the Windows Adobe Type Manager Library allows an attacker to run malicious code on vulnerable systems. Attacks can be carried out remotely. 0day does not affect Windows 10. Details of this vulnerability were posted last month, but the update was released today. .
CVE-2020-0938 - The second error in the same Windows Library. An error somewhat similar to the above, but its existence was revealed today, unlike the first.
CVE-2020-1027 – A bug in the Windows kernel allows attackers to gain privileges to execute code with access in the core.
CVE-2020-0968 – An error in the Internet Explorer scripting engine μπορεί να επιτρέψει στους εισβολείς να πάρουν τον έλεγχο ενός απομακρυσμένου συστήματος.
According to Microsoft, the first three 0days were discovered and reported by Google's two security teams - Project Zero and the Threat Analysis Group (TAG).
In today's Patch Tuesday, in addition to the four 0days, it fixes 109 other security vulnerabilities.
The official portal of the Microsoft Update Update Guide (Security Update Guide portal ) lists all security updates in a filterable panel.
ZDNet has collected all the updates on a board.
