For the May 2020 Patch Tuesday, Microsoft has fixed 111 CVE-numbered flaws and Adobe 36, but none are under active attack.
Microsoft’s updates
For the third time in the last three months, Microsoft squashed over 100 CVE-numbered bugs. Of the 111 flaws fixed this time, 16 are rated critical and the rest important, but none of them are publicly known or under active attack.
Among the vulnerabilities of note that have been patched are:
CVE-2020-1135 – A vulnerability in the Windows Graphics Component that could allow attackers to elevate their privileges on a compromised system and do things like steal credentials, install malware, etc. The vulnerability is found in most Windows 10 and Windows Server builds and Microsoft deems it “more likely to be exploited.”