The Microsoft Security Bulletin for August 2019 is out with its monthly set of security updates, addressing a total of 96 vulnerabilities, with 29 rated critical and 68 rated important. These can be identified using a vulnerability scanning tool. 36 vulnerabilities lead to remote code execution. 24 vulnerabilities can allow an attacker to gain elevated privileges on your system. There are no reported zero-days this month and no publicly disclosed vulnerabilities.
Wormable flaws in Remote Desktop Services and a few other critical vulnerabilities
The Microsoft Security Bulletin August 2019 report lists four critical vulnerabilities (CVE-2019-1222, CVE-2019-1226, CVE-2019-1181 and CVE-2019-1182) in Remote Desktop Services. A patch management tool can patch these. These vulnerabilities do not require authentication or user interaction for exploitation and lead to remote code execution. Moreover, Microsoft has announced that two of these bugs (CVE-2019-1181 and CVE-2019-1182) are wormable and are very similar to the BlueKeep (CVE-2019-0708) vulnerability, which was patched in May 2019. These flaws allow malware planted on a system to propagate to other vulnerable systems without any user interaction. Windows 7 SP1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 R2, and all supported versions of Windows 10, including server versions, are vulnerable. Updates for these vulnerabilities should be installed as a priority.
We are not done yet. Two more wormable flaws were identified. CVE-2019-0736, a critical remote code execution vulnerability in the Windows DHCP client, could be a wormable bug, as an unauthenticated attacker can execute arbitrary code just by sending specially crafted DHCP responses to a client. Another critical remote code execution vulnerability (CVE-2019-1188), in Microsoft Windows LNK, is also considered wormable. Researchers have pointed out that CVE-2019-1188 is similar to the bug exploited by the Stuxnet malware back in 2010.
Microsoft has also patched 5 vulnerabilities (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9518) related to HTTP/2 Server. These vulnerabilities lead to a denial-of-service condition by consuming excessive CPU and memory resources. HTTP/2 Server is used by 40% of the websites on the internet. A few attacks have been reported, but they are not widespread. We will soon provide more details about these vulnerabilities and the affected products. For now, we recommend installing the updates provided by Microsoft for HTTP/2 servers.
A gentle reminder for all system administrators: Microsoft is withdrawing support for Windows 7 and Windows Server 2008 R2 from January 14, 2020. It is advised to install all the updates at the earliest, giving high priority to the critical wormable flaws.
August 2019 Patch Tuesday release consists of security updates for the following products:
- Microsoft Windows
- Internet Explorer
- Microsoft Edge
- ChakraCore
- Microsoft Office and Microsoft Office Services and Web Apps
- Visual Studio
- Online Services
- Active Directory
- Microsoft Dynamics
Products Affected
1. Product : Microsoft Windows
CVEs/Advisory : CVE-2019-0714, CVE-2019-0715, CVE-2019-0716, CVE-2019-0717, CVE-2019-0718, CVE-2019-0720, CVE-2019-0723, CVE-2019-0736, CVE-2019-0965, CVE-2019-1057, CVE-2019-1078, CVE-2019-1125, CVE-2019-1143, CVE-2019-1144, CVE-2019-1145, CVE-2019-1146, CVE-2019-1147, CVE-2019-1148, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152, CVE-2019-1153, CVE-2019-1154, CVE-2019-1155, CVE-2019-1156, CVE-2019-1157, CVE-2019-1158, CVE-2019-1159, CVE-2019-1161, CVE-2019-1162, CVE-2019-1163, CVE-2019-1164, CVE-2019-1168, CVE-2019-1169, CVE-2019-1170, CVE-2019-1171, CVE-2019-1172, CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1176, CVE-2019-1177, CVE-2019-1178, CVE-2019-1179, CVE-2019-1180, CVE-2019-1181, CVE-2019-1182, CVE-2019-1183, CVE-2019-1184, CVE-2019-1185, CVE-2019-1186, CVE-2019-1187, CVE-2019-1188, CVE-2019-1190, CVE-2019-1198, CVE-2019-1206, CVE-2019-1212, CVE-2019-1213, CVE-2019-1222, CVE-2019-1223, CVE-2019-1224, CVE-2019-1225, CVE-2019-1226, CVE-2019-1227, CVE-2019-1228, CVE-2019-9506, CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9518
Impact : Denial of Service, Elevation of Privilege, Information Disclosure, Remote Code Execution, Security Feature Bypass and Tampering
Severity : Critical
KBs : 4507435, 4507448, 4507449, 4507450, 4507452, 4507453, 4507455, 4507456, 4507457, 4507458, 4507460, 4507461, 4507462, 4507464, 4507469, 4511553, 4512476, 4512482, 4512486, 4512488, 4512489, 4512491, 4512497, 4512501, 4512506, 4512507, 4512508, 4512516, 4512517, 4512518
2. Product : Internet Explorer
CVEs/Advisory : CVE-2019-1133, CVE-2019-1192, CVE-2019-1193, CVE-2019-1194
Impact : Remote Code Execution and Security Feature Bypass
Severity : Critical
KBs : 4511553, 4511872, 4512476, 4512488, 4512497, 4512501, 4512506, 4512507, 4512508, 4512516, 4512517, 4512518
More affected products
3. Product : Microsoft Edge
CVEs/Advisory : CVE-2019-1030, CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1192, CVE-2019-1193, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197
Impact : Information Disclosure, Remote Code Execution and Security Feature Bypass
Severity : Critical
KBs : 4511553, 4512497, 4512501, 4512507, 4512508, 4512516, 4512517
4. Product : ChakraCore
CVEs/Advisory : CVE-2019-1131, CVE-2019-1139, CVE-2019-1140, CVE-2019-1141, CVE-2019-1195, CVE-2019-1196, CVE-2019-1197
Impact : Remote Code Execution
Severity : Critical
5. Product : Microsoft Office and Microsoft Office Services and Web Apps
CVEs/Advisory : CVE-2019-1148, CVE-2019-1149, CVE-2019-1151, CVE-2019-1153, CVE-2019-1155, CVE-2019-1199, CVE-2019-1200, CVE-2019-1201, CVE-2019-1202, CVE-2019-1203, CVE-2019-1204, CVE-2019-1205, CVE-2019-1218
Impact : Elevation of Privilege, Information Disclosure, Remote Code Execution and Spoofing
Severity : Critical
KBs : 4462137, 4462216, 4464599, 4475506, 4475528, 4475530, 4475531, 4475533, 4475534, 4475538, 4475540, 4475547, 4475549, 4475553, 4475555, 4475557, 4475563, 4475565, 4475573, 4475575
6. Product : Visual Studio
CVEs/Advisory : CVE-2019-1211
Impact : Elevation of Privilege
Severity : Important
7. Product : Microsoft Dynamics
CVEs/Advisory : CVE-2019-1229
Impact : Elevation of Privilege
Severity : Important
KBs : 4508724
8. Product : Active Directory
CVEs/Advisory : ADV190023
9. Product : Microsoft Online Services
CVEs/Advisory : CVE-2019-1201, CVE-2019-1205, ADV190014
Impact : Elevation of Privilege, Remote Code Execution
Severity : Critical
KBs : 4475528
SecPod Saner detects these vulnerabilities and automatically fixes them by applying security updates. Download Saner now and keep your systems updated and secure.