TL;DR – Go Straight to the August Patch Tuesday Audit Report.

Microsoft released its August Patch Tuesday 2019 software updates and two advisories to address a total of 94 vulnerabilities in its Windows operating systems and other products. Including 26 rated as critical.

The August 2019 Patch Tuesday security updates include patches for various supported versions of Windows and other Microsoft products, including Internet Explorer, Edge, Office, ChakraCore, Visual Studio, Online Services, and Active Directory Microsoft Dynamics.

Included in this month’s updates are two new Critical and wormable Remote Desktop Protocol (RDP) vulnerabilities that affect all versions of Windows and could be used to remotely download and install malware on vulnerable computers.

Out of the Blue: New BlueKeep-Like Wormable RDP Vulnerabilities Fixed

In their Patch Tuesday, Microsoft announced two new wormable Critical Remote Desktop Protocol vulnerabilities that affect all versions of Windows. ASD Confirms that „Today the BlueKeep vulnerability is readily available to cybercriminals who seek to exploit vulnerable systems en masse.“

These new vulnerabilities are similar to the previous BlueKeep RDP vulnerability (CVE-2019-0708) as it is both wormable and allows for Remote Code Execution. This could allow an attacker to remotely install malware on vulnerable machines.

The vulnerabilities have been assigned CVE IDs CVE-2019-1181 and CVE-2019-1182 and are more critical than BlueKeep as they affect all in-support Windows versions, including Windows 10 and Windows Server.

August 2019 Security Update includes fixes for wormable RCE vulnerabilities in Remote Desktop Services (RDS), affecting all in-support versions of Windows. These should be patched quickly. For more information, see https://t.co/VxstoaChTF
— Security Response (@msftsecresponse) August 13, 2019

Adobe also released a patch update for August 2019 that addresses a total of 119 vulnerabilities, including critical Photoshop and Adobe Experience Manager updates.

Run the August Patch Tuesday Audit Report

Similar to previous months, we’ve created an audit report which checks if the assets in your network are on the latest Microsoft patch update. It’s color-coded to give you an easy and quick overview which assets are already on the latest Windows update, and which ones still need to be patched. All admins are advised to install these security updates as soon as possible to protect Windows from security risks.

Patch Tuesday August 2019 1 — *August Patch Tuesday Audit Report – Click to Enlarge*

If you haven’t already, start your free trial of Lansweeper to run the Microsoft Patch Tuesday Report. Make sure to subscribe via the form below if you want to receive the latest Microsoft Patch reports and bonus network reports.