Microsoft security update fixes zero-day vulnerabilities in Windows and other software

Microsoft's monthly security update patches more than 100 vulnerabilities, in Windows 10, Microsoft Exchange, Microsoft Office and other software.

Alison DeNisco Rayome Managing Editor
Managing Editor Alison DeNisco Rayome joined CNET in 2019, and is a member of the Home team. She is a co-lead of the CNET Tips and We Do the Math series, and manages the Home Tips series, testing out new hacks for cooking, cleaning and tinkering with all of the gadgets and appliances in your house. Alison was previously an editor at TechRepublic.
Expertise Home Tips, including cooking, cleaning and appliances hacks Credentials
  • National Silver Azbee Award for Impact/Investigative Journalism; National Gold Azbee Award for Online Single Topic Coverage by a Team; National Bronze Azbee Award for Web Feature Series
Alison DeNisco Rayome

Microsoft released its security patches shortly after announcing the Surface 4 laptop.


Microsoft released patches Tuesday for more than 100 security vulnerabilities, in software including Windows 10, Microsoft Exchange, Microsoft Azure and Microsoft Office, as part of its monthly Patch Tuesday security update. The flaws included five zero-day vulnerabilities, one of which was exploited in the wild, according to a blog post from security firm Kaspersky.

The latter is known as an escalation-of-privilege exploit, which is likely used with other browser flaws to gain system privileges to access someone's files, the Kaspersky post said. 

In Microsoft's March update, it released 89 software security fixes. 

The April security update should arrive on your Windows device automatically. You can also manually check for updates by going to Start  > Settings  > Update & Security  > Windows Update, and then selecting Check for updates.

For more, check out how to download Windows 10 for free, and how to use Microsoft 365 apps for free

Watch this: Windows 10: Features to try now