Patch Tuesday: Microsoft Security Bulletin Summary for August 2019

Microsoft Security Bulletin August 2019 is back with its monthly set of security updates, addressing a total of 96 vulnerabilities with 29 rated critical and 68 rated important using a vulnerability scanning tool. 36 vulnerabilities lead to remote code execution. 24 vulnerabilities can allow an attacker gain elevated privileges on your system. There are no reported zero-days this month and no publicly disclosed vulnerabilities.

In the Microsoft Security Bulletin August 2019 Report, there are four critical vulnerabilities (CVE-2019-1222, CVE-2019-1226, CVE-2019-1181 and CVE-2019-1182) in Remote Desktop Services. A patch management tool can patch these. However, These vulnerabilities do not require authentication or user interaction for exploitation and lead to Remote Code Execution. Moreover, Microsoft has announced that two of these bugs (CVE-2019-1181 and CVE-2019-1182) are wormable and are very similar to the Bluekeep (CVE-2019-0708) vulnerability which was patched in May 2019. Also, These flaws allow a malware planted onto a system to propagate to other vulnerable systems without any user interaction. However, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, and all supported versions of Windows 10, including server versions are vulnerable. Updates for these vulnerabilities should also be installed on priority.

We are not done yet. However, There are two more wormable flaws that were identified. CVE-2019-0736, a critical remote code execution vulnerability in Windows DHCP client could be a wormable bug as an unauthenticated attacker can execute arbitrary code by just sending specially crafted DHCP responses to a client. Another critical remote code execution vulnerability (CVE-2019-1188) in Microsoft Windows LNK is also considered wormable. Also, Researchers have pointed out that CVE-2019-1188 is similar to the bug exploited by Stuxnet malware back in 2010.

Microsoft has also patched 5 vulnerabilities (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9518) related to HTTP/2 Server. Also, These vulnerabilities lead to Denial of Service condition by consuming excessive CPU and memory resources. HTTP/2 Server is used by 40% of the websites on the internet. A few attacks have been reported but it is not widespread. We will soon provide you with more details about these vulnerabilities and the affected products. Presently, we recommended installing the updates provided by Microsoft for HTTP/2 servers.

A gentle reminder for all the system administrators: Microsoft is withdrawing support for Windows 7 and Windows Server 2008 R2 from January 14, 2020. It is advised to install all the updates at the earliest high priority for the critical wormable flaws.

• Microsoft Windows
• Internet Explorer
• Microsoft Edge
• ChakraCore
• Microsoft Office and Microsoft Office Services and Web Apps
• Visual Studio
• Online Services
• Active Directory
• Microsoft Dynamics

1. Product : Microsoft WindowsCVEs/Advisory : CVE-2019-0714, CVE-2019-0715, CVE-2019-0716, CVE-2019-0717, CVE-2019-0718, CVE-2019-0720, CVE-2019-0723, CVE-2019-0736, CVE-2019-0965, CVE-2019-1057, CVE-2019-1078, CVE-2019-1125, CVE-2019-1143, CVE-2019-1144, CVE-2019-1145, CVE-2019-1146, CVE-2019-1147, CVE-2019-1148, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152, CVE-2019-1153, CVE-2019-1154, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157, CVE-2019-1158, CVE-2019-1159, CVE-2019-1161, CVE-2019-1162, CVE-2019-1163, CVE-2019-1164, CVE-2019-1168, CVE-2019-1169, CVE-2019-1170, CVE-2019-1171, CVE-2019-1172, CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1176, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1181, CVE-2019-1182, CVE-2019-1183, CVE-2019-1184, CVE-2019-1185, CVE-2019-1186, CVE-2019-1187, CVE-2019-1188, CVE-2019-1190, CVE-2019-1198, CVE-2019-1206, CVE-2019-1212, CVE-2019-1213, CVE-2019-1222, CVE-2019-1223, CVE-2019-1224, CVE-2019-1225, CVE-2019-1226, CVE-2019-1227, CVE-2019-1228, CVE-2019-9506, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9518Impact : Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass and then TamperingSeverity : CriticalKBs : 4507435, 4507448, 4507449, 4507450, 4507452, 4507453, 4507455, 4507456, 4507457, 4507458, 4507460, 4507461, 4507462, 4507464, 4507469, 4511553, 4512476, 4512482, 4512486, 4512488, 4512489, 4512491, 4512497, 4512501, 4512506, 4512507, 4512508, 4512516, 4512517, 4512518

2. Product : Internet ExplorerCVEs/Advisory : CVE-2019-1133, CVE-2019-1192, CVE-2019-1193, CVE-2019-1194Impact : Remote Code Execution and then Security Feature BypassSeverity : CriticalKBs : 4511553, 4511872, 4512476, 4512488, 4512497, 4512501, 4512506, 4512507, 4512508, 4512516, 4512517, 4512518

3. Product : Microsoft EdgeCVEs/Advisory : CVE-2019-1030, CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1192, CVE-2019-1193, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197Impact : Information Disclosure, Remote Code Execution and then Security Feature BypassSeverity : CriticalKBs : 4511553, 4512497, 4512501, 4512507, 4512508, 4512516, 4512517

4. Product : ChakraCoreCVEs/Advisory : CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197Impact : Remote Code ExecutionSeverity : Critical

5. Product : Microsoft Office and Microsoft Office Services and Web AppsCVEs/Advisory : CVE-2019-1148, CVE-2019-1149, CVE-2019-1151, CVE-2019-1153, CVE-2019-1155, CVE-2019-1199, CVE-2019-1200, CVE-2019-1201, CVE-2019-1202, CVE-2019-1203, CVE-2019-1204, CVE-2019-1205, CVE-2019-1218Impact : Elevation of Privilege, Information Disclosure, Remote Code Execution and then SpoofingSeverity : CriticalKBs : 4462137, 4462216, 4464599, 4475506, 4475528, 4475530, 4475531, 4475533, 4475534, 4475538, 4475540, 4475547, 4475549, 4475553, 4475555, 4475557, 4475563, 4475565, 4475573, 4475575

6. Product : Visual StudioCVEs/Advisory : CVE-2019-1211Impact : Elevation of PrivilegeSeverity : Important

7. Product : Microsoft DynamicsCVEs/Advisory : CVE-2019-1229Impact : Elevation of PrivilegeSeverity : ImportantKBs : 4508724

8. Product : Active DirectoryCVEs/Advisory : ADV190023

9. Product : Microsoft Online ServicesCVEs/Advisory : CVE-2019-1201, CVE-2019-1205, ADV190014Impact : Elevation of Privilege, Remote Code ExecutionSeverity : CriticalKBs : 4475528

However, SecPod Saner detects these vulnerabilities and automatically fixes it by applying security updates. Also, Download Saner now and keep your systems updated and secure.