Microsoft Fixes Over 90 Security Bugs in August 2019 Updates + HTTP/2 DoS Bugs

It looks like a busy few days ahead for Threat and Vulnerability managers as Microsoft release over 90 fixes to security bugs including patches for 4 new blue-keep-esque wormable RDP flaws.

Trend Micro’s ZDI takes the credit for finding more Remote Desktop Services bugs, with CVE-2019-1181, CVE-2019-1182, CVE-2019-1222 and CVE-2019-1226.

These vulnerabilities are rated critical and wormable, and only apply to Windows 7 sp1, Windows Server 2008 R2 SP1, Windows Server 2012, Windows 8.1, Windows Server 2012 and all Windows 10 versions and Windows Server versions after that.

In addition, HTTP/2 has just taken a bashing, with the discovery of 8 denial of service vulnerabilities which affect implementations on Apache, IIS and NGINX.

Sources:

Microsoft Patches Over 90 Vulnerabilities With August 2019 Updates

HTTP/2 Implementation Flaw Expose Websites to DoS Attacks