Microsoft’s August 2019 Patch Tuesday updates fix more than 90 vulnerabilities, but none of them have been exploited in attacks or disclosed publicly before the patches were released.
“Microsoft resolved a total of 93 unique CVEs this month, but surprisingly there are NO zero days OR publicly disclosed vulnerabilities! It has been a long time since I remember that happening,” commented Chris Goettl, director of product management for security at Ivanti.
Of all the security holes patched this month, 29 are rated “critical.” They impact Microsoft’s Edge and Internet Explorer web browsers, Windows, Outlook and Office.
According to Trend Micro’s Zero Day Initiative (ZDI), four of the critical flaws, all related to Remote Desktop Services (RDS) and all allowing remote code execution, appear to be wormable. These vulnerabilities are CVE-2019-1181, CVE-2019-1182, CVE-2019-1222 and CVE-2019-1226.
“These four bugs share the same impact and exploit scenarios. An attacker can get code execution at system level by sending a specially crafted pre-authentication RDP packet to an affected RDS server,” ZDI explained in a blog post. “If that sounds familiar to you, then you are probably thinking about the recently patched BlueKeep vulnerability. Clearly, the folks in Redmond thought similar bugs existed in RDP, and these four patches demonstrate that fact. These bugs also receive Microsoft’s highest exploitability ranking, meaning we could likely see multiple RDP exploits circulating in the near future.”
A remote code execution vulnerability affecting the Windows DHCP client (CVE-2019-0736) could also be wormable since exploitation only involves sending specially crafted packets to the client, w ..
Support the originator by clicking the read the rest link below.
