Advisory Microsoft Updates – April 2020
aeCERT One of Telecommunications Regulatory Authority (TRA) Initiatives P O Box 116688, Dubai, United Arab Emirates (UAE) www.aecert.ae | www.tra.gov.ae
Version: 1.0 Ref: ADV-20-032 Document Date: 15/04/2020
Document Details
Disclaimer
Whilst every effort has been made to ensure the accuracy of the information contained within this report, aeCERT and the TRA bear no liability or responsibility for any recommendations issued or inadvertent damages that could be caused by the recipient of this information.
Accessing third-party links in this advisory will direct you to an external website. Please note that aeCERT bears no responsibility for third-party website traffic. aeCERT will have no liability to the entities for the content or use of the content available through the hyperlinks that are referenced.
Contents
Contents 1
Summary 2
Details 2
Recommendations 11
References 11
1 | P a g e
Summary aeCERT has received the latest Microsoft security updates that aim to patch recent vulnerabilities discovered in their system. The release has an impact on some of Microsoft’s products. In order to protect windows from security risks, users should patch their systems as soon as possible.
Details
Microsoft has released the monthly security updates for the month of April. This update discloses different vulnerabilities present in many of Microsoft’s products. This patch is related to 113 vulnerabilities with three of them being zero-day vulnerabilities: • 15 of the vulnerabilities are considered critical. • 93 are considered important. • 3 are considered moderate. • 2 are considered low.
The two zero-day vulnerabilities that are currently being seen actively exploited in attacks are as follows:
• CVE-2020-0938 - Adobe Font Manager Library Remote Code Execution Vulnerability • CVE-2020-1020 - Adobe Font Manager Library Remote Code Execution Vulnerability
The two zero-day vulnerabilities that have been publicly disclosed are as follows:
• CVE-2020-0935 - OneDrive for Windows Elevation of Privilege Vulnerability • CVE-2020-1020 - Adobe Font Manager Library Remote Code Execution Vulnerability
Further information about zero-day vulnerabilities can be found here.
2 | P a g e
The table below illustrates a list of resolved vulnerabilities for April 2020’s Patch Tuesday Microsoft updates.
Tag CVE ID CVE Title Severity
Android App CVE-2020-0943 Microsoft YourPhone Application for Android Important Authentication Bypass Vulnerability
Apps CVE-2020-1019 Microsoft RMS Sharing App for Mac Elevation of Important Privilege Vulnerability
Microsoft CVE-2020-1050 Microsoft Dynamics 365 (On-Premise) Cross Site Important Dynamics Scripting Vulnerability
Microsoft CVE-2020-1018 Microsoft Dynamics Business Central/NAV Information Important Dynamics Disclosure
Microsoft CVE-2020-1049 Microsoft Dynamics 365 (On-Premise) Cross Site Important Dynamics Scripting Vulnerability
Microsoft CVE-2020-1022 Dynamics Business Central Remote Code Execution Critical Dynamics Vulnerability
Microsoft CVE-2020-0952 Windows GDI Information Disclosure Vulnerability Important Graphics Component
Microsoft CVE-2020-0938 Adobe Font Manager Library Remote Code Execution Important Graphics Vulnerability Component
Microsoft CVE-2020-0687 Microsoft Graphics Remote Code Execution Critical Graphics Vulnerability Component
3 | P a g e
Microsoft CVE-2020-0987 Microsoft Graphics Component Information Disclosure Important Graphics Vulnerability Component
Microsoft CVE-2020-1004 Windows Graphics Component Elevation of Privilege Important Graphics Vulnerability Component
Microsoft CVE-2020-1005 Microsoft Graphics Component Information Disclosure Important Graphics Vulnerability Component
Microsoft CVE-2020-0958 Win32k Elevation of Privilege Vulnerability Important Graphics Component
Microsoft CVE-2020-0907 Microsoft Graphics Components Remote Code Critical Graphics Execution Vulnerability Component
Microsoft CVE-2020-0982 Microsoft Graphics Component Information Disclosure Important Graphics Vulnerability Component
Microsoft CVE-2020-0964 GDI+ Remote Code Execution Vulnerability Important Graphics Component
Microsoft CVE-2020-1020 Adobe Font Manager Library Remote Code Execution Important Graphics Vulnerability Component
Microsoft CVE-2020-0784 DirectX Elevation of Privilege Vulnerability Important Graphics Component
Microsoft JET CVE-2020-0995 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability
4 | P a g e
Microsoft JET CVE-2020-0999 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability
Microsoft JET CVE-2020-0988 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability
Microsoft JET CVE-2020-0992 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability
Microsoft JET CVE-2020-0994 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability
Microsoft JET CVE-2020-0953 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability
Microsoft JET CVE-2020-0889 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability
Microsoft JET CVE-2020-0959 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability
Microsoft JET CVE-2020-0960 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability
Microsoft JET CVE-2020-1008 Jet Database Engine Remote Code Execution Important Database Engine Vulnerability
Microsoft Office CVE-2020-0979 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office CVE-2020-0980 Microsoft Word Remote Code Execution Vulnerability Important
Microsoft Office CVE-2020-0984 Microsoft (MAU) Office Elevation of Privilege Important Vulnerability
Microsoft Office CVE-2020-0760 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office CVE-2020-0991 Microsoft Office Remote Code Execution Vulnerability Important
Microsoft Office CVE-2020-0961 Microsoft Office Access Connectivity Engine Remote Important Code Execution Vulnerability
5 | P a g e
Microsoft Office CVE-2020-0931 Microsoft SharePoint Remote Code Execution Critical Vulnerability
Microsoft Office CVE-2020-0906 Microsoft Excel Remote Code Execution Vulnerability Important
Microsoft Office CVE-2020-0935 OneDrive for Windows Elevation of Privilege Important Vulnerability
Microsoft Office CVE-2020-0927 Microsoft Office SharePoint XSS Vulnerability Critical SharePoint
Microsoft Office CVE-2020-0923 Microsoft Office SharePoint XSS Vulnerability Important SharePoint
Microsoft Office CVE-2020-0925 Microsoft Office SharePoint XSS Vulnerability Important SharePoint
Microsoft Office CVE-2020-0924 Microsoft Office SharePoint XSS Vulnerability Important SharePoint
Microsoft Office CVE-2020-0932 Microsoft SharePoint Remote Code Execution Critical SharePoint Vulnerability
Microsoft Office CVE-2020-0930 Microsoft Office SharePoint XSS Vulnerability Important SharePoint
Microsoft Office CVE-2020-0933 Microsoft Office SharePoint XSS Vulnerability Important SharePoint
Microsoft Office CVE-2020-0920 Microsoft SharePoint Remote Code Execution Important SharePoint Vulnerability
Microsoft Office CVE-2020-0929 Microsoft SharePoint Remote Code Execution Critical SharePoint Vulnerability
Microsoft Office CVE-2020-0971 Microsoft SharePoint Remote Code Execution Important SharePoint Vulnerability
Microsoft Office CVE-2020-0975 Microsoft SharePoint Spoofing Vulnerability Important SharePoint
6 | P a g e
Microsoft Office CVE-2020-0978 Microsoft Office SharePoint XSS Vulnerability Important SharePoint
Microsoft Office CVE-2020-0977 Microsoft SharePoint Spoofing Vulnerability Important SharePoint
Microsoft Office CVE-2020-0976 Microsoft SharePoint Spoofing Vulnerability Important SharePoint
Microsoft Office CVE-2020-0974 Microsoft SharePoint Remote Code Execution Critical SharePoint Vulnerability
Microsoft Office CVE-2020-0973 Microsoft Office SharePoint XSS Vulnerability Important SharePoint
Microsoft Office CVE-2020-0972 Microsoft SharePoint Spoofing Vulnerability Important SharePoint
Microsoft Office CVE-2020-0954 Microsoft Office SharePoint XSS Vulnerability Moderate SharePoint
Microsoft Office CVE-2020-0926 Microsoft Office SharePoint XSS Vulnerability Important SharePoint
Microsoft CVE-2020-0968 Scripting Engine Memory Corruption Vulnerability Moderate Scripting Engine
Microsoft CVE-2020-0966 VBScript Remote Code Execution Vulnerability Low Scripting Engine
Microsoft CVE-2020-0895 Windows VBScript Engine Remote Code Execution Low Scripting Engine Vulnerability
Microsoft CVE-2020-0969 Chakra Scripting Engine Memory Corruption Critical Scripting Engine Vulnerability
Microsoft CVE-2020-0970 Scripting Engine Memory Corruption Vulnerability Critical Scripting Engine
7 | P a g e
Microsoft CVE-2020-0967 VBScript Remote Code Execution Vulnerability Moderate Scripting Engine
Microsoft CVE-2020-0942 Connected User Experiences and Telemetry Service Important Windows Elevation of Privilege Vulnerability
Microsoft CVE-2020-0965 Microsoft Windows Codecs Library Remote Code Critical Windows Execution Vulnerability
Microsoft CVE-2020-0940 Windows Push Notification Service Elevation of Important Windows Privilege Vulnerability
Microsoft CVE-2020-0934 Windows Elevation of Privilege Vulnerability Important Windows
Microsoft CVE-2020-1029 Connected User Experiences and Telemetry Service Important Windows Elevation of Privilege Vulnerability
Microsoft CVE-2020-1011 Windows Elevation of Privilege Vulnerability Important Windows
Microsoft CVE-2020-1094 Windows Work Folder Service Elevation of Privilege Important Windows Vulnerability
Microsoft CVE-2020-1016 Windows Push Notification Service Information Important Windows Disclosure Vulnerability
Microsoft CVE-2020-0794 Windows Denial of Service Vulnerability Important Windows
Microsoft CVE-2020-1017 Windows Push Notification Service Elevation of Important Windows Privilege Vulnerability
Microsoft CVE-2020-0944 Connected User Experiences and Telemetry Service Important Windows Elevation of Privilege Vulnerability
Microsoft CVE-2020-1006 Windows Push Notification Service Elevation of Important Windows Privilege Vulnerability
8 | P a g e
Microsoft CVE-2020-1009 Windows Elevation of Privilege Vulnerability Important Windows
Microsoft CVE-2020-0981 Windows Token Security Feature Bypass Vulnerability Important Windows
Microsoft CVE-2020-1001 Windows Push Notification Service Elevation of Important Windows Privilege Vulnerability
Microsoft CVE-2020-0993 Windows DNS Denial of Service Vulnerability Important Windows DNS
Open Source CVE-2020-1026 MSR JavaScript Cryptography Library Security Feature Important Software Bypass Vulnerability
Remote Desktop CVE-2020-0919 Microsoft Remote Desktop App for Mac Elevation of Important Client Privilege Vulnerability
Visual Studio CVE-2020-0899 Microsoft Visual Studio Elevation of Privilege Important Vulnerability
Visual Studio CVE-2020-0900 Visual Studio Extension Installer Service Elevation of Important Privilege Vulnerability
Windows CVE-2020-1002 Microsoft Defender Elevation of Privilege Vulnerability Important Defender
Windows CVE-2020-0835 Windows Defender Antimalware Platform Hard Link Important Defender Elevation of Privilege Vulnerability
Windows Hyper- CVE-2020-0918 Windows Hyper-V Elevation of Privilege Vulnerability Important V
Windows Hyper- CVE-2020-0910 Windows Hyper-V Remote Code Execution Critical V Vulnerability
Windows Hyper- CVE-2020-0917 Windows Hyper-V Elevation of Privilege Vulnerability Important V
Windows Kernel CVE-2020-0699 Win32k Information Disclosure Vulnerability Important
9 | P a g e
Windows Kernel CVE-2020-1027 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2020-1003 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2020-0955 Windows Kernel Information Disclosure in CPU Important Memory Access
Windows Kernel CVE-2020-1015 Windows Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2020-1000 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2020-1007 Windows Kernel Information Disclosure Vulnerability Important
Windows Kernel CVE-2020-0957 Win32k Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2020-0936 Windows Scheduled Task Elevation of Privilege Important Vulnerability
Windows Kernel CVE-2020-0956 Win32k Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2020-0962 Win32k Information Disclosure Vulnerability Important
Windows Kernel CVE-2020-0821 Windows Kernel Information Disclosure Vulnerability Important
Windows Kernel CVE-2020-0913 Windows Kernel Elevation of Privilege Vulnerability Important
Windows Kernel CVE-2020-0888 DirectX Elevation of Privilege Vulnerability Important
Windows Media CVE-2020-0948 Media Foundation Memory Corruption Vulnerability Critical
Windows Media CVE-2020-0937 Media Foundation Information Disclosure Vulnerability Important
Windows Media CVE-2020-0949 Media Foundation Memory Corruption Vulnerability Critical
Windows Media CVE-2020-0939 Media Foundation Information Disclosure Vulnerability Important
Windows Media CVE-2020-0950 Media Foundation Memory Corruption Vulnerability Critical
Windows Media CVE-2020-0946 Media Foundation Information Disclosure Vulnerability Important
Windows Media CVE-2020-0947 Media Foundation Information Disclosure Vulnerability Important
Windows Media CVE-2020-0945 Media Foundation Information Disclosure Vulnerability Important
10 | P a g e
Windows CVE-2020-0996 Windows Update Stack Elevation of Privilege Important Update Stack Vulnerability
Windows CVE-2020-1014 Microsoft Windows Update Client Elevation of Privilege Important Update Stack Vulnerability
Windows CVE-2020-0983 Windows Elevation of Privilege Vulnerability Important Update Stack
Windows CVE-2020-0985 Windows Update Stack Elevation of Privilege Important Update Stack Vulnerability
Recommendations
To avoid exploitation due to the presence of the vulnerabilities present, we highly recommend to keep your system and programs updated with the latest security patches.
References
Bleepingcomputer Zdnet
11 | P a g e
aeCERT Contact Info
P.O. Box 116688 Dubai, United Arab Emirates
Tel (+971) 4 777 4003 Fax (+971) 4 777 4100 Email incident[at]aeCERT.ae Instagram @TheUAETRA Twitter @TheUAETRA
For secure communications with aeCERT with regards to sensitive or vulnerability information please send your correspondences to incident[at]aeCERT.ae
12 | P a g e