Microsoft is back with its monthly set of security updates, addressing a total of 96 vulnerabilities, with 29 rated critical and 68 rated important. 36 vulnerabilities lead to remote code execution. 24 vulnerabilities can allow an attacker to gain elevated privileges on your system. There are no reported zero-days this month and no publicly disclosed vulnerabilities.


Wormable flaws in Remote Desktop Services and a few other critical vulnerabilities

There are four critical vulnerabilities (CVE-2019-1222, CVE-2019-1226, CVE-2019-1181 and CVE-2019-1182) in Remote Desktop Services. These vulnerabilities do not require authentication or user interaction for exploitation and lead to Remote Code Execution. Microsoft has announced that two of these bugs (CVE-2019-1181 and CVE-2019-1182) are wormable and are very similar to the BlueKeep (CVE-2019-0708) vulnerability, which was patched in May 2019. These flaws allow malware planted on one system to propagate to other vulnerable systems without any user interaction. Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, and all supported versions of Windows 10, including server versions, are vulnerable. Updates for these vulnerabilities should also be installed as a priority.

We are not done yet. Two more wormable flaws were identified. CVE-2019-0736, a critical remote code execution vulnerability in the Windows DHCP client, could be a wormable bug, as an unauthenticated attacker can execute arbitrary code just by sending specially crafted DHCP responses to a client. Another critical remote code execution vulnerability (CVE-2019-1188), in Microsoft Windows LNK, is also considered wormable. Researchers have pointed out that CVE-2019-1188 is similar to the bug exploited by the Stuxnet malware back in 2010.

Microsoft has also patched 5 vulnerabilities (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9518) related to HTTP/2 Server. These vulnerabilities lead to a Denial of Service condition by consuming excessive CPU and memory resources. HTTP/2 Server is used by 40% of the websites on the internet. A few attacks have been reported, but exploitation is not widespread. We will soon provide you with more details about these vulnerabilities and the affected products. Presently, we recommend installing the updates provided by Microsoft for HTTP/2 servers.


A gentle reminder for all system administrators: Microsoft is withdrawing support for Windows 7 and Windows Server 2008 R2 from January 14, 2020. It is advised to install all the updates at the earliest, giving high priority to the critical wormable flaws.


The August 2019 Patch Tuesday release consists of security updates for the following products:

  • Microsoft Windows
  • Internet Explorer
  • Microsoft Edge
  • ChakraCore
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Visual Studio
  • Online Services
  • Active Directory
  • Microsoft Dynamics

Product : Microsoft Windows
CVEs/Advisory : CVE-2019-0714, CVE-2019-0715, CVE-2019-0716, CVE-2019-0717, CVE-2019-0718, CVE-2019-0720, CVE-2019-0723, CVE-2019-0736, CVE-2019-0965, CVE-2019-1057, CVE-2019-1078, CVE-2019-1125, CVE-2019-1143, CVE-2019-1144, CVE-2019-1145, CVE-2019-1146, CVE-2019-1147, CVE-2019-1148, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152, CVE-2019-1153, CVE-2019-1154, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157, CVE-2019-1158, CVE-2019-1159, CVE-2019-1161, CVE-2019-1162, CVE-2019-1163, CVE-2019-1164, CVE-2019-1168, CVE-2019-1169, CVE-2019-1170, CVE-2019-1171, CVE-2019-1172, CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1176, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1181, CVE-2019-1182, CVE-2019-1183, CVE-2019-1184, CVE-2019-1185, CVE-2019-1186, CVE-2019-1187, CVE-2019-1188, CVE-2019-1190, CVE-2019-1198, CVE-2019-1206, CVE-2019-1212, CVE-2019-1213, CVE-2019-1222, CVE-2019-1223, CVE-2019-1224, CVE-2019-1225, CVE-2019-1226, CVE-2019-1227, CVE-2019-1228, CVE-2019-9506, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9518
Impact : Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass, Tampering
Severity : Critical
KBs : 4507435, 4507448, 4507449, 4507450, 4507452, 4507453, 4507455, 4507456, 4507457, 4507458, 4507460, 4507461, 4507462, 4507464, 4507469, 4511553, 4512476, 4512482, 4512486, 4512488, 4512489, 4512491, 4512497, 4512501, 4512506, 4512507, 4512508, 4512516, 4512517, 4512518


Product : Internet Explorer
CVEs/Advisory : CVE-2019-1133, CVE-2019-1192, CVE-2019-1193, CVE-2019-1194
Impact : Remote Code Execution, Security Feature Bypass
Severity : Critical
KBs : 4511553, 4511872, 4512476, 4512488, 4512497, 4512501, 4512506, 4512507, 4512508, 4512516, 4512517, 4512518


Product : Microsoft Edge
CVEs/Advisory : CVE-2019-1030, CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1192, CVE-2019-1193, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197
Impact : Information Disclosure, Remote Code Execution, Security Feature Bypass
Severity : Critical
KBs : 4511553, 4512497, 4512501, 4512507, 4512508, 4512516, 4512517


Product : ChakraCore
CVEs/Advisory : CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197
Impact : Remote Code Execution
Severity : Critical


Product : Microsoft Office and Microsoft Office Services and Web Apps
CVEs/Advisory : CVE-2019-1148, CVE-2019-1149, CVE-2019-1151, CVE-2019-1153, CVE-2019-1155, CVE-2019-1199, CVE-2019-1200, CVE-2019-1201, CVE-2019-1202, CVE-2019-1203, CVE-2019-1204, CVE-2019-1205, CVE-2019-1218
Impact : Elevation of Privilege, Information Disclosure, Remote Code Execution, Spoofing
Severity : Critical
KBs : 4462137, 4462216, 4464599, 4475506, 4475528, 4475530, 4475531, 4475533, 4475534, 4475538, 4475540, 4475547, 4475549, 4475553, 4475555, 4475557, 4475563, 4475565, 4475573, 4475575


Product : Visual Studio
CVEs/Advisory : CVE-2019-1211
Impact : Elevation of Privilege
Severity : Important


Product : Microsoft Dynamics
CVEs/Advisory : CVE-2019-1229
Impact : Elevation of Privilege
Severity : Important
KBs : 4508724


Product : Active Directory
CVEs/Advisory : ADV190023


Product : Microsoft Online Services
CVEs/Advisory : CVE-2019-1201, CVE-2019-1205, ADV190014
Impact : Elevation of Privilege, Remote Code Execution
Severity : Critical
KBs : 4475528


SecPod Saner detects these vulnerabilities and automatically fixes them by applying security updates. Download Saner now and keep your systems updated and secure.


Article Name: Patch Tuesday: Microsoft Security Bulletin Summary for August 2019
Publisher Name: SecPod Technologies
