Microsoft security update fixes zero-day vulnerabilities in Windows and other software
Microsoft's monthly security update patches more than 100 vulnerabilities, in Windows 10, Microsoft Exchange, Microsoft Office and other software.
Alison DeNisco RayomeManaging Editor
Managing Editor Alison DeNisco Rayome joined CNET in 2019, and is a member of the Home team. She is a co-lead of the CNET Tips and We Do the Math series, and manages the Home Tips series, testing out new hacks for cooking, cleaning and tinkering with all of the gadgets and appliances in your house. Alison was previously an editor at TechRepublic.
ExpertiseHome Tips, including cooking, cleaning and appliances hacksCredentials
National Silver Azbee Award for Impact/Investigative Journalism; National Gold Azbee Award for Online Single Topic Coverage by a Team; National Bronze Azbee Award for Web Feature Series
Microsoft released patches Tuesday for more than 100 security vulnerabilities, in software including Windows 10, Microsoft Exchange, Microsoft Azure and Microsoft Office, as part of its monthly Patch Tuesday security update. The flaws included five zero-day vulnerabilities, one of which was exploited in the wild, according to a blog post from security firm Kaspersky.
The latter is known as an escalation-of-privilege exploit, which is likely used with other browser flaws to gain system privileges to access someone's files, the Kaspersky post said.
In Microsoft's March update, it released 89 software security fixes.
The April security update should arrive on your Windows device automatically. You can also manually check for updates by going to Start > Settings > Update & Security > Windows Update, and then selecting Check for updates.