Microsoft Patches Three Actively Exploited Zero-Day Flaws

Summary

Microsoft patched 113 vulnerabilities in the latest Patch Tuesday release – three of which are considered zero-day flaws and are actively being exploited. CVE-2020-0938 and CVE-2020-1020 are considered critical remote code execution flaws and exist in the Adobe Type Manager Library affecting all systems except Windows 10. If successfully executed, a threat actor could install programs, view and delete data, and create new accounts with full user rights. The third zero-day, CVE-2020-1027, resides in the Windows kernel and allows threat actors to elevate privileges and run code with kernel access. With over 500 patches recently released, researchers warn of a phenomenon dubbed the “ Fujiwhara effect,” and are concerned how long it will take IT administrators to collect, analyze, triage, and roll out updates to affected systems while most employees are teleworking.

Recommendations

The NJCCIC recommends IT administrators and security teams patch systems according to severity and successful exploitation. Further information can be found in the IT Pro article and ZDNet article.