As part of this month’s Patch Tuesday, Microsoft issued fixes for 78 vulnerabilities, including 15 critical flaws of which two are actively being exploited in cyber campaigns.

The two zero-days are tracked as CVE-2019-0880 and CVE-2019-1132 and both are privilege escalation flaws. The former flaw affects all modern Windows versions, while the latter only impacts Windows 7 and Server 2008.

Adobe also released three patches, but none of these flaws were critical or under attack.

Read more: July 2019 Patch Tuesday: Microsoft plugs two actively exploited zero-days