Microsoft never releases the full details of what they patch in case someone else is attempting to bypass the update. A DLL is nothing but a set of instructions and the update to the DLL or instructions to prevent injection via malicious code.
As for being standard? Yes, MS patches have two functions, to reduce the exploits/vulnerabilities and to help performance. MS releases their patches the second Tuesday of the month, followed 2 weeks later if an emergent mid-month patch is needed.
MS link I received from my support account for CVE-2020-0601 stated:
"An attacker could exploit the vulnerability by using a spoofed code-signed certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider.
The security update addresses the vulnerability by ensuring that Windows CryptoAPI completely validates the ECC certificates."