The April Patch Tuesday updates bring fixes to 118 CVEs

Vlad Turiceanu
by Vlad Turiceanu
Passionate about technology, Windows, and everything that has a power button, he spent most of his time developing new skills and learning more about the tech world. Coming from a solid background in PC... Read more
Affiliate Disclosure
april patch tuesday cve

Microsoft has just rolled out the April Patch Tuesday updates, and from a security standpoint, they seem to follow the same trend as in recent months.

While the February Patch Tuesday updates brought fixes to 99 CVEs and the March updates fixed 115 CVEs, this round of updates seems to cover 113 different CVEs.

These CVEs cover Microsoft Windows, Microsoft Edge (EdgeHTML-based and Chromium-based), ChakraCore, Internet Explorer, Office, and Office Services and Web Apps, Windows Defender, and other important Windows components.

118 CVEs were identified and dealt with this month

Of the 118 CVEs identified this month, 5 were for Adobe products, and 113 were for Microsoft products

The Adobe CVEs targeted Adobe ColdFusion, After Effects, and Digital Editions, all of which were rated Important.

As for the CVEs concerning Microsoft, projects, here is a brief summary of the CVEs identified during this round of updates:

  • 17 are rated Critical
  • 96 are rated Important in severity

Which were some of the most severe CVEs?

  • CVE-2020-1020
    •  Adobe Font Manager Library Remote Code Execution Vulnerability
  • CVE-2020-0938
    • OpenType Font Parsing Remote Code Execution Vulnerability
  • CVE-2020-0993
    • Windows DNS Denial of Service Vulnerability
  • CVE-2020-0981
    • Windows Token Security Feature Bypass Vulnerability

These are the most important CVEs covered by Microsoft during the April 2020 round of Patch Tuesday Updates. For the next set of updates, users will have to wait until May 12.

  • Who maintains CVE?
The MITRE Corporation currently maintains CVE. It also provides impartial technical guidance throughout the process to ensure CVE serves the public interest.
  • What is CVE in security?
CVEs provide a reference-method for publicly known information-security, vulnerabilities, and exposures completely free.

This article covers:Topics: