April 2020 Patch Bulletin

April 2020 Patch Bulletin

There are 112 unique CVE’s listed, 6 technologies with critical vulnerabilities, 3 vulnerabilities that were exploited in the wild, and one of those vulnerabilities was publicly disclosed. 

This month we pay close attention to CVE-2020-0938, CVE-2020-1020 and CVE-2020-1027. In the case of CVE-2020-0938 and CVE-2020-1020 attacks could execute code with full user rights unless the system is running Windows 10. CVE-2020-1027 will require an attacker to have local access to a machine and then execute a malicious application to elevate privileges.

CVE-2020-0938 |CVE-2020-1020| Adobe Font Manager Library Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font – Adobe Type 1 PostScript format.

For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane.

The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles Type1 fonts.

CVE-2020-1027 | Windows Kernel Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory.

For additional details, please find the information from Microsoft below:

Technology Products Affected SeverityReferenceWorkaround/Exploited/ Publicly Disclosed Vulnerability Info
 
WindowsWindows 8.1, 8.1 RT, 10, Server 2012, 2016, 2019CriticalCVE-2020-0687
CVE-2020-0699
CVE-2020-0784
CVE-2020-0794
CVE-2020-0796
CVE-2020-0821
CVE-2020-0888
CVE-2020-0889
CVE-2020-0907
CVE-2020-0910
CVE-2020-0913
CVE-2020-0917
CVE-2020-0918
CVE-2020-0934
CVE-2020-0936
CVE-2020-0937
CVE-2020-0938*
CVE-2020-0939
CVE-2020-0940
CVE-2020-0940
CVE-2020-0942
CVE-2020-0944
CVE-2020-0945
CVE-2020-0946
CVE-2020-0947
CVE-2020-0948
CVE-2020-0949
CVE-2020-0950
CVE-2020-0952
CVE-2020-0953
CVE-2020-0955
CVE-2020-0956
CVE-2020-0958
CVE-2020-0959
CVE-2020-0960
CVE-2020-0962
CVE-2020-0964
CVE-2020-0965
CVE-2020-0981
CVE-2020-0981
CVE-2020-0982
CVE-2020-0983
CVE-2020-0985
CVE-2020-0987
CVE-2020-0988
CVE-2020-0992
CVE-2020-0993
CVE-2020-0994
CVE-2020-0995
CVE-2020-0996
CVE-2020-0999
CVE-2020-1000
CVE-2020-1001
CVE-2020-1003
CVE-2020-1004
CVE-2020-1005
CVE-2020-1006
CVE-2020-1007
CVE-2020-1008
CVE-2020-1009
CVE-2020-1011
CVE-2020-1014
CVE-2020-1015
CVE-2020-1016
CVE-2020-1017
CVE-2020-1020
CVE-2020-1027
CVE-2020-1029
CVE-2020-1094
*Workaround: Yes
Public: Yes
Exploited: Yes
Denial of Service
Elevation of Privilege
Information Disclosure
Security Feature Bypass
Remote Code Execution
Edge HTML-basedLegacyCriticalCVE-2020-0969
CVE-2020-0970
Workaround: No
Public: No
Exploited: No
Remote Code Execution
ChakraCoreAllCriticalCVE-2020-0969
CVE-2020-0970
Workaround: No
Exploited: No
Public: No
Remote Code Execution
IE11CriticalCVE-2020-0895
CVE-2020-0966
CVE-2020-0967
CVE-2020-0968
Workaround: No
Exploited: No
Public: No
Remote Code Execution
Office, Office Services, Office Web AppsOffice 2010, 2013, 2016, 2019
2016 for Mac, 2019 for Mac, AutoUpdate for Mac
Project 2010, 2013, 2016, Server 2013
Publisher 2010, 2013, 2016
SharePoint Enterprise Server 2013, 2016
Foundation 2010, 2013
Server 2020, 2019
Visio 2010, 2013, 2016
Office 365
OneDrive for Windows
CriticalCVE-2020-0687
CVE-2020-0699
CVE-2020-0784
CVE-2020-0794
CVE-2020-0796
CVE-2020-0821
CVE-2020-0888
CVE-2020-0889
CVE-2020-0907
CVE-2020-0910
CVE-2020-0913
CVE-2020-0917
CVE-2020-0918
CVE-2020-0934
CVE-2020-0936
CVE-2020-0937
CVE-2020-0938*
CVE-2020-0939
CVE-2020-0940
CVE-2020-0940
CVE-2020-0942
CVE-2020-0944
CVE-2020-0945
CVE-2020-0946
CVE-2020-0947
CVE-2020-0948
CVE-2020-0949
CVE-2020-0950
CVE-2020-0952
CVE-2020-0953
CVE-2020-0955
CVE-2020-0956
CVE-2020-0958
CVE-2020-0760
CVE-2020-0906
CVE-2020-0920
CVE-2020-0923
CVE-2020-0924
CVE-2020-0925
CVE-2020-0926
CVE-2020-0927
CVE-2020-0929
CVE-2020-0930
CVE-2020-0931
CVE-2020-0932
CVE-2020-0933
CVE-2020-0935
CVE-2020-0954
CVE-2020-0961
CVE-2020-0971
CVE-2020-0971
CVE-2020-0972
CVE-2020-0973
CVE-2020-0974
CVE-2020-0975
CVE-2020-0976
CVE-2020-0977
CVE-2020-0978
CVE-2020-0979
CVE-2020-0980
CVE-2020-0984
CVE-2020-0991
Workaround: No
Exploited: No
Public: Yes
Elevation of Privilege
Remote Code Execution
Spoofing
DefenderAllImportantCVE-2020-0835
CVE-2020-1002
Workaround: No
Exploited: No
Public: No
Elevation of Privilege
Azure DevOps2019ImportantCVE-2020-0700
CVE-2020-0758
CVE-2020-0815
Workaround: No
Exploited: No
Public: No
Elevation of Privilege
Spoofing
Visual Studio
2015, 2017, 2019
ImportantCVE-2020-0899
CVE-2020-0900
Workaround: No
Exploited: No
Public: No
Elevation of Privilege
DynamicsDynamics 365 Central 2019
On Prem Dynamics Server V9
Dynamics NAV 2013, 2015, 2016, 2017, 2018
CriticalCVE-2020-1018
CVE-2020-1022
CVE-2020-1049
CVE-2020-1050
Workaround: No
Exploited: No
Public: No
Remote Code Execution
Information Disclosure
Spoofing
Apps for AndroidPhone Companion App for AndroidImportantCVE-2020-0943Workaround: No
Exploited: No
Public: No
Elevation of Privilege
Apps for MacRMS Sharing for Mac, Remote Desktop for MacCriticalCVE-2020-1019
CVE-2020-0919
Workaround: No
Exploited: No
Public: No
Elevation of Privilege

In case of any questions or clarifications please feel free to reach out to ECHO’s Service Desk.