⚡ TL;DR | Go Straight to the April 2020 Patch Tuesday Audit Report.
Microsoft’s April 2020 Patch Tuesday is here with important fixes.
The April 2020 Patch Tuesday updates from Microsoft have arrived. The update contains 113 vulnerabilities in certain Microsoft products, with 19 that are rated critical. There are also 3 Zero-Day vulnerabilities reported.
With most of the workforce working from home, IT professionals are facing challenging times installing the updates released in the Patch Tuesday of April 2020.
The biggest challenge is to secure your IT environment during remote work. In a previous blog post, we published some tips for Remote IT Asset Management with Lansweeper to help you secure your remote workforce. Because of the expanding demand for VPNs and tools that allow communication and collaboration, a lot of vulnerabilities have surfaced.
3 Critical Zero-day Vulnerabilities
The Patch Tuesday, April 2020 update includes three critical zero-day vulnerabilities. There are two that are currently exploited: CVE-2020-0935 which is an Elevation of Privilege within Windows OneDrive and CVE-2020-1020 because the Adobe Font Manager Library has a vulnerability that can allow remote code execution.
Although the attacks specifically have targeted Windows 7 systems, not all Win7 systems will receive a patch since the Windows 7 End of Support in January of this year. Only those who purchased Extended Security Updates (ESUs) will receive the patch.
There is one more zero-day vulnerability covered in this month’s Patch Tuesday. CVE-2020-0938 is an exploited issue that allows Remote Code Execution within Adobe Font Manager Library so an attacker then has the ability to install programs, change data, add new accounts and much more. This can be obtained in a few ways such as letting the user open a specially made document.
Run the April 2020 Patch Tuesday Audit Report
Similar to previous months, we’ve created an Audit Report that checks if the assets in your network are on the latest Microsoft patch update. It’s color-coded to give you an easy and quick overview of which assets are already on the latest Windows update, and which ones still need to be patched. All admins are advised to install these security updates as soon as possible to protect Windows from security risks.
If you haven’t already, start your free trial of Lansweeper to run the Microsoft Patch Tuesday, April 2020 Report. Make sure to subscribe via the form below if you want to receive the latest Microsoft Patch reports and bonus network reports.
Overview: April 2020 Security Updates
We have compiled a list of all the security updates in the Patch Tuesday, April 2020 update.
Product | CVE-CODE |
---|---|
Android App | CVE-2020-0943 |
Apps | CVE-2020-1019 |
Microsoft Dynamics | CVE-2020-1050 |
Microsoft Dynamics | CVE-2020-1018 |
Microsoft Dynamics | CVE-2020-1049 |
Microsoft Dynamics | CVE-2020-1022 |
Microsoft Graphics Component | CVE-2020-0952 |
Microsoft Graphics Component | CVE-2020-0938 |
Microsoft Graphics Component | CVE-2020-0687 |
Microsoft Graphics Component | CVE-2020-0987 |
Microsoft Graphics Component | CVE-2020-1004 |
Microsoft Graphics Component | CVE-2020-1005 |
Microsoft Graphics Component | CVE-2020-0958 |
Microsoft Graphics Component | CVE-2020-0907 |
Microsoft Graphics Component | CVE-2020-0982 |
Microsoft Graphics Component | CVE-2020-0964 |
Microsoft Graphics Component | CVE-2020-1020 |
Microsoft Graphics Component | CVE-2020-0784 |
Microsoft JET Database Engine | CVE-2020-0995 |
Microsoft JET Database Engine | CVE-2020-0999 |
Microsoft JET Database Engine | CVE-2020-0988 |
Microsoft JET Database Engine | CVE-2020-0992 |
Microsoft JET Database Engine | CVE-2020-0994 |
Microsoft JET Database Engine | CVE-2020-0953 |
Microsoft JET Database Engine | CVE-2020-0889 |
Microsoft JET Database Engine | CVE-2020-0959 |
Microsoft JET Database Engine | CVE-2020-0960 |
Microsoft JET Database Engine | CVE-2020-1008 |
Microsoft Office | CVE-2020-0979 |
Microsoft Office | CVE-2020-0980 |
Microsoft Office | CVE-2020-0984 |
Microsoft Office | CVE-2020-0760 |
Microsoft Office | CVE-2020-0991 |
Microsoft Office | CVE-2020-0961 |
Microsoft Office | CVE-2020-0931 |
Microsoft Office | CVE-2020-0906 |
Microsoft Office | CVE-2020-0935 |
Microsoft Office SharePoint | CVE-2020-0927 |
Microsoft Office SharePoint | CVE-2020-0923 |
Microsoft Office SharePoint | CVE-2020-0925 |
Microsoft Office SharePoint | CVE-2020-0924 |
Microsoft Office SharePoint | CVE-2020-0932 |
Microsoft Office SharePoint | CVE-2020-0930 |
Microsoft Office SharePoint | CVE-2020-0933 |
Microsoft Office SharePoint | CVE-2020-0920 |
Microsoft Office SharePoint | CVE-2020-0929 |
Microsoft Office SharePoint | CVE-2020-0971 |
Microsoft Office SharePoint | CVE-2020-0975 |
Microsoft Office SharePoint | CVE-2020-0978 |
Microsoft Office SharePoint | CVE-2020-0977 |
Microsoft Office SharePoint | CVE-2020-0976 |
Microsoft Office SharePoint | CVE-2020-0974 |
Microsoft Office SharePoint | CVE-2020-0973 |
Microsoft Office SharePoint | CVE-2020-0972 |
Microsoft Office SharePoint | CVE-2020-0954 |
Microsoft Office SharePoint | CVE-2020-0926 |
Microsoft Scripting Engine | CVE-2020-0968 |
Microsoft Scripting Engine | CVE-2020-0966 |
Microsoft Scripting Engine | CVE-2020-0895 |
Microsoft Scripting Engine | CVE-2020-0969 |
Microsoft Scripting Engine | CVE-2020-0970 |
Microsoft Scripting Engine | CVE-2020-0967 |
Microsoft Windows | CVE-2020-0942 |
Microsoft Windows | CVE-2020-0965 |
Microsoft Windows | CVE-2020-0940 |
Microsoft Windows | CVE-2020-0934 |
Microsoft Windows | CVE-2020-1029 |
Microsoft Windows | CVE-2020-1011 |
Microsoft Windows | CVE-2020-1094 |
Microsoft Windows | CVE-2020-1016 |
Microsoft Windows | CVE-2020-0794 |
Microsoft Windows | CVE-2020-1017 |
Microsoft Windows | CVE-2020-0944 |
Microsoft Windows | CVE-2020-1006 |
Microsoft Windows | CVE-2020-1009 |
Microsoft Windows | CVE-2020-0981 |
Microsoft Windows | CVE-2020-1001 |
Microsoft Windows DNS | CVE-2020-0993 |
Open Source Software | CVE-2020-1026 |
Remote Desktop Client | CVE-2020-0919 |
Visual Studio | CVE-2020-0899 |
Visual Studio | CVE-2020-0900 |
Windows Defender | CVE-2020-1002 |
Windows Defender | CVE-2020-0835 |
Windows Hyper-V | CVE-2020-0918 |
Windows Hyper-V | CVE-2020-0910 |
Windows Hyper-V | CVE-2020-0917 |
Windows Kernel | CVE-2020-0699 |
Windows Kernel | CVE-2020-1027 |
Windows Kernel | CVE-2020-1003 |
Windows Kernel | CVE-2020-0955 |
Windows Kernel | CVE-2020-1015 |
Windows Kernel | CVE-2020-1000 |
Windows Kernel | CVE-2020-1007 |
Windows Kernel | CVE-2020-0957 |
Windows Kernel | CVE-2020-0936 |
Windows Kernel | CVE-2020-0956 |
Windows Kernel | CVE-2020-0962 |
Windows Kernel | CVE-2020-0821 |
Windows Kernel | CVE-2020-0913 |
Windows Kernel | CVE-2020-0888 |
Windows Media | CVE-2020-0948 |
Windows Media | CVE-2020-0937 |
Windows Media | CVE-2020-0949 |
Windows Media | CVE-2020-0939 |
Windows Media | CVE-2020-0950 |
Windows Media | CVE-2020-0946 |
Windows Media | CVE-2020-0947 |
Windows Media | CVE-2020-0945 |
Windows Update Stack | CVE-2020-0996 |
Windows Update Stack | CVE-2020-1014 |
Windows Update Stack | CVE-2020-0983 |
Windows Update Stack | CVE-2020-0985 |
„*“ zeigt erforderliche Felder an
Receive the Latest Patch Tuesday Report for FREE Every Month