There are quite a few vulnerabilities this month. Take particular care of endpoints now that most users work remotely.
The number of vulnerabilities has been high in recent months, and April is no exception. This month Microsoft patched 113 vulnerabilities. This Patch Tuesday includes no vulnerabilities of the highest critical level targeting operating systems or browsers.
On the other hand, there are a couple of zero-day vulnerabilities that have been publicly disclosed (CVE-2020-1020 and CVE-2020-0938). The vulnerabilities are related to Adobe Font Manager Library. Microsoft actually released an advisory for them on last month's Patch Tuesday. The impact of these vulnerabilities is greater on older operating systems such as Windows 7. More thorough information on the two identical vulnerabilities can be found on Microsoft's MSRC portal.
The impact and scoring of these and other vulnerabilities can be explored with the Common Vulnerability Scoring System Calculator. Microsoft posts links to the CVSS calculator (maintained by the National Vulnerability Database) for all the vulnerabilities in their vulnerability articles.
Although Microsoft has once again taken care of its products and patched the known vulnerabilities, organizations should do their part. Because of the COVID-19 epidemic, the majority of people are working remotely. This means that endpoints might not be protected by the internal network and other perimeter-based security controls.
Centero also recommends migrating from Windows 7 to the modern Windows 10 operating system. Some of the vulnerabilities were more harmful to Windows 7 than they would be to Windows 10.
The known issues for the operating systems were rather mild this month.
| Operating system | Known issues (last month) |
|---|---|
| Windows 10, version 1909 and 1903* and Windows Server, version 1903 | 0 (1) |
| Windows 10, version 1809 and Windows Server 2019 | 1 (2) |
| Windows 10, version 1803** | 1 (0) |
| Windows 10, version 1709** and Windows Server, version 1709 | 1 (0) |
| Windows 10, version 1703*** | 1 (0) |
| Windows 10, version 1607*** and Windows Server 2016 | 1 (2) |
| Windows 8.1**** and Windows Server 2012 R2 | 1 (1) |
| Windows Server 2012 | 1 (1) |
| Windows 7**** and Windows Server 2008 R2 SP1 | 1 (2) |

\* 1909 shares the same core and system files with its predecessor 1903.
\*\* Support for this feature update has ended for the Home and Pro editions.
\*\*\* Support for this feature update has ended for all editions.
\*\*\*\* Mainstream support for the operating system has ended: Windows 8.1 1/10/2023 and Windows 7 1/14/2020.

The security updates do not require any special exceptions or processes this month. Centero recommends testing the updates thoroughly before deploying them to production endpoints. In addition, all the known issues should be read through and assessed against your own environment.
Microsoft maintains a list of Windows updates and their known issues on the following pages.
- Known issues and notifications
- Windows 10 update history
- Windows 8.1 and Windows Server 2012 R2 update history
- Windows Server 2012 update history
- Windows 7 SP1 and Windows Server 2008 R2 SP1 update history
- Windows lifecycle fact sheet