Make sure you’re patched. These vulnerabilities are being actively exploited…:
[…] Kaspersky Lab found CVE-2019-0859 last month when their automatic exploit prevention systems detected an attempt to abuse a Windows vulnerability. Further analysis revealed a zero-day bug in win32k.sys – the fifth exploited local privilege escalation vulnerability in Windows they had discovered since October. They reported the bug to Microsoft on March 17; it was patched along with 73 other vulnerabilities on the most recent Patch Tuesday.
The exploit Berdnikov and Larin saw in the wild targeted 64-bit versions of Window, ranging from Windows 7 to 10. This particular attack was directed at the kernel of target systems via a backdoor constructed from a core component of the Windows operating system.