News

Microsoft fixes zero days that were actively abused with Windows 10 update 10-

By admin
Spread the love

During Windows 10’s monthly update cycle, Microsoft fixed two vulnerabilities that were actively exploited by attackers, among other things. The zerodays enabled remote code executions and privilege escalations.

The vulnerabilities have been fixed in the April 2020 Update for Windows 10. In it, Microsoft fixes several vulnerabilities, including four zerodays. Two of the vulnerabilities had already been disclosed. These are vulnerabilities in the Adobe Type Manager library, which allowed remote code execution on a system. Microsoft previously said that those vulnerabilities were being actively exploited, but the company only had a mitigation and no fix yet.

In addition to the known vulnerabilities, Microsoft also fixed two vulnerabilities that were known but not actively exploited. These include a local privilege escalation vulnerability in OneDrive with code CVE-2020-0935 and a third remote code execution vulnerability in the Adobe Font Manager library with code CVE-2020-1020. Microsoft fixes a total of 113 vulnerabilities in the April Update. Fifteen of these are reported as ‘critical’ and 93 as ‘important’.

You might also like
News

Blizzard will release certain games via Steam, starting with Overwatch 2

News

Microsoft and Activision Blizzard postpone acquisition deadline until October

News

Microsoft announces Bing Chat Enterprise and Copilot pricing for businesses

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

‘Microsoft wants to postpone deadline for Activision Blizzard…

News

Rumor: EU starts investigation into Microsoft for including Teams with Office