Each month I usually update about an hour after each monthly “patch Tuesday” release (1pm EDT) & no issues found so far.  While the 3 exploits are more limited & targeted attacks, applying APRIL 2020 release promptly after corporate pilot testing is highly recommended.  The April release is a “patch now” type release esp. with new WFH paradigm as informative article from ARS Technica highlights below


Two of the security flaws—tracked as CVE-2020-1020 and CVE-2020-0938—reside in the Adobe Type Manager Library, a Windows DLL file that a wide variety of apps use to manage and render fonts available from Adobe Systems. On supported operating systems other than Windows 10, attackers who successfully exploit the vulnerabilities can remotely execute code. Attackers can exploit the flaws by convincing a target to open a booby-trapped document or view it in the Windows preview pane.

– – – – – – – – – – – – – – – –

he last zero-day exploit targets CVE-2020-1027, an elevation of privilege flaw in the way that the Windows kernel handles objects in memory. Attackers who already have limited system rights on a vulnerable machine can use the exploit to execute malicious code. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.