April Patch Tuesday: Fixes for Font-Related, Microsoft SharePoint, Windows Components Vulnerabilities

April Patch Tuesday: Fixes for Font-Related, Microsoft SharePoint, Windows Components Vulnerabilities

Microsoft fixed 113 vulnerabilities in this month’s Patch Tuesday, just two shy of last month’s 115. This continues the streak of longer-than-usual list of patches that began in January. In fact, compared to the same period in 2019, Microsoft fixed 44% more vulnerabilities between January to April of this year.


In this month’s list, 17 were rated as critical, and 96 were rated as important. Three of the bugs addressed this month were identified as vulnerabilities under active attack. Included in the list of fixes is the font-related vulnerability announced in Microsoft’s security advisory soon after March’s Patch Tuesday. Mitigations and workarounds were disclosed in the same announcement, and Trend Micro also released rules for this flaw. This month’s list also includes patches for another associated critical font-related vulnerability.


Cloud-based document management and collaboration platform Microsoft SharePoint had its fair share of fixes for vulnerabilities, ranging from important to critical, that involved Remote Code Execution (RCE), cross-site scripting (XSS), and spoofing.


Joining these patches are ones for privilege escalation through various Windows components, including Microsoft Defender.


Find more details on some of the notable vulnerabilities that were patched in April below.


Font-Related Vulnerabilities


The earlier released vulnerability found in Adobe Type Manager Library (atmfd.dll), which is used to render fonts with the Adobe Type 1 PostScript format, is now officially listed as april patch tuesday fixes related microsoft sharepoint windows components vulnerabilities