April 2020 Patch Tuesday Update: 113 CVE Numbers Addressed

By Gill Langston
15 April, 2020

This month’s Patch Tuesday release contains 113 total CVE numbers addressed, with 19 of them listed as “Critical,” including a fix for a recently announced 0-day vulnerability from March. The “Critical” vulnerabilities affect Windows operating systems, browsers, SharePoint, and Microsoft Dynamics. Three vulnerabilities are listed as “Exploit Detected” this month. 

Operating systems

First, let’s look at the “Critical” vulnerabilities in the operating systems, plus one “Important” that should get some attention. It should be noted that five of the “Critical” vulnerabilities are in Windows 7 and Server 2008 (R2) and require an extended security updates agreement with Microsoft to patch them.

CVE-2020-0938 and CVE-2020-1020 are fixes for a 0-day vulnerability that was announced on March 22 by Microsoft. Both are "Remote Code Execution" vulnerabilities in Adobe Font Manager Library. Microsoft reports seeing Windows 7 systems being exploited actively (“Exploit Detected”), while Windows 10 systems are listed as "Exploitation Less Likely," mainly because newer versions of the operating system handle these threats differently by executing the code in an AppContainer context. Therefore, Microsoft has listed these as "Critical" for Windows 7, 8, 8.1, and the corresponding server versions, while they are listed as "Important" for Windows 10 and the corresponding server versions.

CVE-2020-0910 is a vulnerability in Windows Hyper-V, and affects Windows 10 versions 1809, 1903, and 1909 as well as Windows Server 2019 (including Core). It also applies to Server Core versions 1903 and 1909. This vulnerability would allow an attacker that had access to a guest operating system to execute code on the host operating system (sometimes referred to as hypervisor escape).

Next up we have a trio of similar "Media Foundation Memory Corruption" vulnerabilities: CVE-2020-0948, CVE-2020-0949, and CVE-2020-0950, which are all listed as "Exploitation Less Likely."

These three vulnerabilities affect all operating systems from Windows 7 to the most recent version of Windows 10, including Server 2008 up to Windows Server 1909. Microsoft states an attacker could gain full control over a system if the user was convinced to open an attachment or visit a malicious web page.

CVE-2020-0687 is a Microsoft Graphics "Remote Code Execution" vulnerability that would require a user to open a document or visit a malicious website that contains specially crafted embedded fonts and would grant the attacker the same rights as the user.

CVE-2020-0907 is a vulnerability in Microsoft Graphics Components that would grant an attacker the ability to execute arbitrary code, regardless of user level, if the user opened a specially crafted file.

CVE-2020-0965 is a vulnerability in Microsoft Windows Codecs that would grant an attacker the ability to execute arbitrary code, regardless of user level, if the user opened a specially crafted image file.

Notable “Important” operating system vulnerability

There is one other vulnerability of note, which interestingly is listed as "Important," but is also listed as "Exploitation Detected" by Microsoft. CVE-2020-1027 is an "Elevation of Privilege" vulnerability in Windows 7 up to current versions (including all server versions). The attacker would, however, need authenticated access to the system to exploit this vulnerability.

Browsers

There are four "Critical" browser/scripting engine vulnerabilities this month.

The first two, CVE-2020-0970 and CVE-2020-0970, are in the EdgeHTML-based Edge browser on Windows 10, Server 2016, and Server 2019.

The other two affect Internet Explorer on all operating systems from Windows 7 up to current versions of Windows 10, including all server versions.

CVE-2020-0967 is a VBScript vulnerability that could allow an attacker to gain the same rights as a user on a system, and is listed as "Exploitation Less Likely."

CVE-2020-0968 is a similar Scripting Engine vulnerability but is listed as "Exploitation More Likely" by Microsoft.

SharePoint

There are five vulnerabilities listed as Critical in SharePoint. All of them would require an attacker to successfully upload a specially crafted SharePoint application package to the affected version of SharePoint.

Microsoft Dynamics

CVE-2020-1022 is a "Remote Code Execution" vulnerability listed as "Exploitation Less Likely."

Adobe releases

Adobe follows the Patch Tuesday schedule as well, and this week released security fixes for Digital Editions, ColdFusion, and After Effects—more information can be found on their Security Bulletins and Advisories page.

Summary

With a patch for a recently announced 0-day in Windows operating systems, it is recommended to prioritize Internet-facing user workstations first with operating system patches. Then focus on your servers. Finally, update SharePoint servers and Microsoft Dynamics.

As always, we recommend testing these patches on a small set of systems before approving them for wider deployment.
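The rollout order and pilot testing described above can be sketched as a small planning script. This is an added example, not code from the article or from SolarWinds MSP; the host names, inventory fields, the 10% pilot fraction and the "other workstations" wave are assumptions made for illustration.

```python
# Wave order from the article's Summary. "other workstations" is an assumption:
# the article names only Internet-facing workstations explicitly.
WAVES = ["internet-facing workstations", "other workstations",
         "servers", "sharepoint-dynamics"]
# Systems the article says need an extended security updates (ESU) agreement.
ESU_ONLY = {"Windows 7", "Server 2008", "Server 2008 R2"}

# Constructed sample inventory (hypothetical host names and fields).
INVENTORY = [
    {"name": "ws-01", "os": "Windows 10", "role": "workstation", "internet_facing": True},
    {"name": "ws-02", "os": "Windows 7", "role": "workstation", "internet_facing": True, "esu": False},
    {"name": "ws-03", "os": "Windows 7", "role": "workstation", "internet_facing": True, "esu": True},
    {"name": "ws-04", "os": "Windows 10", "role": "workstation", "internet_facing": False},
    {"name": "hv-01", "os": "Server 2019", "role": "server", "internet_facing": False},
    {"name": "sp-01", "os": "Server 2016", "role": "sharepoint", "internet_facing": False},
]

def wave_for(host):
    """Map a host to its rollout wave using the Summary's ordering."""
    if host["role"] in ("sharepoint", "dynamics"):
        return WAVES[3]
    if host["role"] == "server":
        return WAVES[2]
    return WAVES[0] if host["internet_facing"] else WAVES[1]

def plan_rollout(inventory, pilot_fraction=0.1):
    """Return (schedule, blocked): per-wave pilot/broad host lists, plus
    legacy hosts that cannot receive this month's fixes without ESU."""
    waves = {w: [] for w in WAVES}
    blocked = []
    for host in inventory:
        if host["os"] in ESU_ONLY and not host.get("esu", False):
            blocked.append(host["name"])  # needs ESU or compensating controls
            continue
        waves[wave_for(host)].append(host["name"])
    schedule = {}
    for wave, hosts in waves.items():
        hosts.sort()  # deterministic pilot selection
        # Always test on at least one system before the wider deployment.
        n = max(1, int(len(hosts) * pilot_fraction)) if hosts else 0
        schedule[wave] = {"pilot": hosts[:n], "broad": hosts[n:]}
    return schedule, sorted(blocked)

if __name__ == "__main__":
    schedule, blocked = plan_rollout(INVENTORY)
    for wave in WAVES:
        print(wave, schedule[wave])
    print("no ESU, cannot patch:", blocked)
```

Hosts in the blocked list are the Windows 7 and Server 2008 (R2) systems without an ESU agreement, which have to rely on the layered controls discussed in the next paragraph.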

Additionally, you may notice many of these patches require a user to click on a file or visit a malicious website. That is why it is critical to combine a patching strategy with a layered approach and protect the vectors of attack with email protection, endpoint protection, and web protection to ensure the best security for all users.

Let’s stay safe out there!

Gill Langston is head security nerd for SolarWinds MSP. You can follow Gill on Twitter at @cybersec_nerd

 
