13
Aug 19

Patch Tuesday, August 2019 Edition

Most Microsoft Windows (ab)users probably welcome the monthly ritual of applying security updates about as much as they look forward to going to the dentist: It always seems like you were there just yesterday, and you never quite know how it’s all going to turn out. Fortunately, this month’s patch batch from Redmond is mercifully light, at least compared to last month.

Okay, maybe a trip to the dentist’s office is still preferable. In any case, today is the second Tuesday of the month, which means it’s once again Patch Tuesday (or — depending on your setup and when you’re reading this post — Reboot Wednesday). Microsoft today released patches to fix some 93 vulnerabilities in Windows and related software, 35 of which affect various Server versions of Windows, and another 70 that apply to the Windows 10 operating system.

Although there don’t appear to be any zero-day vulnerabilities fixed this month — i.e. those that get exploited by cybercriminals before an official patch is available — there are several issues that merit attention.

Chief among those are patches to address four moderately terrifying flaws in Microsoft’s Remote Desktop Service, a feature which allows users to remotely access and administer a Windows computer as if they were actually seated in front of the remote computer. Security vendor Qualys says two of these weaknesses can be exploited remotely without any authentication or user interaction.

“According to Microsoft, at least two of these vulnerabilities (CVE-2019-1181 and CVE-2019-1182) can be considered ‘wormable’ and [can be equated] to BlueKeep,” referring to a dangerous bug patched earlier this year that Microsoft warned could be used to spread another WannaCry-like ransomware outbreak. “It is highly likely that at least one of these vulnerabilities will be quickly weaponized, and patching should be prioritized for all Windows systems.”

Fortunately, Remote Desktop is disabled by default in Windows 10, and as such these flaws are more likely to be a threat for enterprises that have enabled the application for various purposes. For those keeping score, this is the fourth time in 2019 Microsoft has had to fix critical security issues with its Remote Desktop service.

For all you Microsoft Edge and Internet Exploiter Explorer users, Microsoft has issued the usual panoply of updates for flaws that could be exploited to install malware after a user merely visits a hacked or booby-trapped Web site. Other equally serious flaws patched in Windows this month could be used to compromise the operating system just by convincing the user to open a malicious file (regardless of which browser the user is running).

As crazy as it may seem, this is the second month in a row that Adobe hasn’t issued a security update for its Flash Player browser plugin, which is bundled in IE/Edge and Chrome (although now hobbled by default in Chrome). However, Adobe did release important updates for its Acrobat and free PDF reader products.

If the tone of this post sounds a wee bit cantankerous, it might be because at least one of the updates I installed last month totally hosed my Windows 10 machine. I consider myself an equal OS abuser, and maintain multiple computers powered by a variety of operating systems, including Windows, Linux and MacOS.

Nevertheless, it is frustrating when being diligent about applying patches introduces so many unfixable problems that you’re forced to completely reinstall the OS and all of the programs that ride on top of it. On the bright side, my newly-refreshed Windows computer is a bit more responsive than it was before crash hell.

So, three words of advice. First off, don’t let Microsoft decide when to apply patches and reboot your computer. On the one hand, it’s nice Microsoft gives us a predictable schedule when it’s going to release patches. On the other, Windows 10 will by default download and install patches whenever it pleases, and then reboot the computer.

Unless you change that setting. Here’s a tutorial on how to do that. For all other Windows OS users, if you’d rather be alerted to new updates when they’re available so you can choose when to install them, there’s a setting for that in Windows Update.

Secondly, it doesn’t hurt to wait a few days to apply updates.  Very often fixes released on Patch Tuesday have glitches that cause problems for an indeterminate number of Windows systems. When this happens, Microsoft then patches their patches to minimize the same problems for users who haven’t yet applied the updates, but it sometimes takes a few days for Redmond to iron out the kinks.

Finally, please have some kind of system for backing up your files before applying any updates. You can use third-party software for this, or just the options built into Windows 10. At some level, it doesn’t matter. Just make sure you’re backing up your files, preferably following the 3-2-1 backup rule. Thankfully, I’m vigilant about backing up my files.

And, as ever, if you experience any problems installing any of these patches this month, please feel free to leave a comment about it below; there’s a good chance other readers have experienced the same and may even chime in here with some helpful tips.

Tags: ,

117 comments

  1. This August update has up until now caused 4 W7 Pro machines not being able to boot. It goes directly into repair mode, not being able to do a repair. F8 no luck either, goes directly into repair mode.
    Mounting the disk in another machine and checking Windows update log file reveals that it updated and then rebooted. For good measure I checked for malware.
    Have not found a solution to this yet.
    Really annoying.

  2. Completely b0rked my installation. Bootet endlessly into recovery mode. Uninstalling updates in recovery also failed. System recovery points were also damaged. Have to reinstall my system now.

    Good job Microsoft.

  3. 8 computers looping in 2 days, thanks Microsoft

  4. Warning to healthcare: August 13th patches are causing issues with Epic’s Hyperspace. See https://userweb.epic.com/Thread/89877/Microsofts-August-13th-Patches-Installed-in-Epics-Target-Pla/

    • Not an Epic User

      Site requires affiliation with an institution or an existing Epic user account. FYI.

    • Interesting about Epic… the UserWeb site actually LISTS the institutions involved in the UserWeb community.
      This is completely stupid.
      There is NO excuse to expose these institutions to hacking by showing all of them. As soon as a common sidelined vulnerability arrives on the scene, the entire healthcare blackhat group can attack SPECIFICALLY those institutions to grab the records.
      Seriously, this is a HUGE threat to these institutions, and the Project Manager who said ‘Oh, this is a good idea!’ has NO idea about security.
      None.
      Also, these geniuses don’t understand this is also a sales person’s dream about discovering the client list of your competition.

      Possibly these EPIC employees are in the same league (Rocket Scientist level) as the Equifax CIOs Jun Ying & Co.?
      Anyway – I can’t believe that Epic is this obtuse.

  5. No issues thus far on 5 Windows 10 systems(1803, 1809 and 1903), and 20 servers running a mix of 2012-R2, 2016 and 2019.

  6. I’ve faced similar problems. Tried everything, but startup repair looping forever. I can’t boot with repair mode or safe mode. Any ideas how to fix this?

  7. Same issue. There has to be a fix

  8. Not sure if related but 1 of2 e-mail accounts was completely deleted around this update. Do not know if the e-mails are recoverable?

  9. Has there been any reference found for CVE-2019-1262? Intel states a patch was released Tuesday, but it is not found on MSFT’s website or within the latest Nexpose content update.

    “FROM THE MEDIA: A high-severity privilege escalation vulnerability (CVE-2019-1262) that could leave Windows open to hijacking has been found in the Microsoft CTextFramework (CTF) protocol used in all versions of Microsoft Windows. According to Google Project Zero researcher Tavis Ormandy, the insecure CTF protocol could also be leveraged by attackers (or malware already on a system) to escape sandbox environments and obtain administrator rights on compromised Windows systems. According to reports, the CTF protocol, which dates back to Windows XP and is part of the Windows Text Services Framework (TSF), contains multiple vulnerabilities that can be exploited using applications that handle onscreen text and interact with the protocol. Ormandy has reportedly developed a proof-of-concept (PoC) tool that can exploit CTF using Notepad in order to launch a command-line shell with System-level privileges. “The obvious attack is an unprivileged user injecting commands into an Administrator’s console session, or reading passwords as users log in. Even sandboxed AppContainer processes can perform the same attack …These are the kind of hidden attack surfaces where bugs last for years … It turns out it was possible to reach across sessions and violate NT security boundaries for nearly twenty years, and nobody noticed,” says Ormandy. Microsoft released a fix for CVE-2019-1262 as part of its August Patch Tuesday.”

  10. James Schumaker

    I’m still using Windows 7, and this update fixed the sluggishness I was experiencing in booting up and various other operations after last month’s update. Don’t ask me why, but everything is operating faster. I am also still using Outlook 2007, and it seems to have improved its speed and performance as well, although I haven’t used it much and problems may be lurking.

    Does anyone share my thought that Microsoft could have stuck with Windows XP and everyone would have been happy?

  11. To those still having problems with personal (not business) computers, make an appointment at a Microsoft store. They will fix OS issues for free, remove malware or diagnose hardware problems.

  12. https://www.disk-partition.com/diskpart/sfc-scannow-not-working.html

    try this command to revert update
    dism.exe /image:c:\ /cleanup-image /revertpendingactions

    • Clint Westemeyer

      Sagit,
      Yep we had a Server 2008 R2 server constantly booting to a system rtecovery prompt after patches, this command rolled the updates back and got the server back up and running again, thankfully!

  13. The August Windows 10 update seems to include programming to redirect the IE11 (aka Windows exploder) home page to MSN. One is politely prompted that you either
    ‘Set Microsoft recommended settings for your browser’, setting your home page/new tab page to MSN,
    or
    ‘Your current settings’.
    Closing the browser makes the prompt go away. I can see this causing some concern/frustration/consternation for the average enduser.

    Sigh.

  14. Sean M. Newcombe

    I installed MS updates and now I’m having issues running video in a software platform for subtitle editing that had been working fine heretofore. The error that I get is listed as “Error 1721 There is a problem with this Windows Installer package. A program required for this install to complete could not be run. Contact your support or package vendor.” Any advice or suggestions for how to resolve this? Any help would be appreciated. Thanks!

  15. When are we going to learn? Anyone running W7 needs to turn off update. Continue to run Defender.

  16. This update, KB4512506, knackered my PC (W7 prof 64 bit). Fortunately I always have a clone and a clone of the clone, courtesy of Casper 8. I’m in the UK and must agree with your comments. I was quite happy with XP and I can’t stand W10, which I have to put up with on my tablet.

    • I also have Win7 biz 64, and download updates from the Microsoft Update Catalog, and install one at a time. The update you installed is a “quality rollup,” which I believe includes more than one month of updates. If you do monthly updates, the rollups probably aren’t necessary, and they’re about three times the size of the monthly security updates. This month I installed Kb4474419 and Kb4512486. The latter required two restarts, but my machine was good as before afterward. And–miracle of miracles–the updates didn’t require me to re-do the settings of the Windows Media Player, for the first time in several months.

      FWIW, I do a disk cleanup before each and every update, including between updates.

  17. Yes – Has 3 cleints all co-incidence I thought, but all were after a Windows 7 update on Wed morning. I managed to recover all 3 pc’s now, but on one of them I was performing manual Windows 7 updates one at a time to determine the culprit. Before each install I ran a Create Restore Point. Then as I suspected (I have a bunch of 4 critical patches to install). It was the last one which broke the pc. KB4512506. DO NOT INSTALL THIS ONE. It will break Windows 7 and will not boot. I tried to perform all sorts of restores. The only thing that saved my bacon on the last pc was that restore point. Win7 recovery repair loop recovered from it. Then Windows update logs reveal this patch failed to install. WELL DONE MICROSOFT. I have now disabled and hidden this patch from installing. Let’s see how Microsoft fix this one if they don;t already know about it?

    • Ran into the same problem. KB4512506 was the culprit. Luckily this update has failed on some of my win 7 pro machines and just unselected it and then hid it as well as turned off update for the next three weeks.
      Amazing that MS will not give you this kind of control in Win 10 for the smaller businesses… but it WILL in Win7. Especially with the complete failure UPDATES that have been pushed out over the course of the past 18 months.
      You know it is class action law suits that reduce this abused if you have the right attorneys.
      But the way some of the modern Congress asked questions of Facebook, it made a fairly pathetic showing of how in touch these REPRESENTATIVES of the citizens are with technology. (…not a truck, but a series of tubes)

    • Brad: Thank you for the post. The info in the link to Microsoft resolved the issue.

    • I am having this automatic repair loop on my windows 10 laptop ever since this update, i was wondering, if there is a way to do this on windows 10?

  18. Since installing the update, all my MS Office programs on my brand new Lenovo Ideacentre return blank screens when you open a new or existing document. This isn’t happening on our old machines which also run Win10. Hoping it resolves soon, but at least we also have OpenOffice installed and can use it in the meantime…

    Very frustrating though!

  19. Forgot an additional issue that may be related – my speakers suddenly stopped working. They appear to be enabled everywhere except one spot in the settings which will not allow me to enable them…

  20. Can We downoad the Apk File of this App? i think it Would be illegal to get this App right?

  21. The update broke Visual Basic. Oops.

    At least Microsoft admitted fault and fixed the problem with another update, unlike other companies.

    https://www.bleepingcomputer.com/news/microsoft/windows-updates-start-rolling-out-to-fix-visual-basic-issues/

    • @Readership1 “Oops..”
      Too funny.
      Can hear the employees now –
      “Wa wa whAT??? Should I care??? Is that even a product we have????”
      Oh man… the folly never stops. Like the Keystone Cops

  22. I updated my computer twice this week but now everytime I do something or at random my laptop will crash and restart every dam time is there away to fix this

  23. Did the recent update just install Flash? I see the 32 bit Flash control in the Control Panel that I’ve not seen before. I’ve always tried to disable Flash in Edge (I use Firefox by default) but don’t see that setting now.

  24. Hi Guys,
    I have following problem after this patch in our company.
    Four of our IBM hardware Windows 2008 R2 Servers are booting into recovery mode. Unfortunately I am not able to fix the problem with dism.exe since the OS partition is not available. Diskpart says no fixed disks available. The raid configuration seems ok in bios, the VD is configured.
    Linux based Acronis for Server boot stick is able to see all the partitions and files.
    Do you have any ideas how to fix this?

    • >>Unfortunately I am not able to fix the problem with dism.exe since the OS partition is not available.

      I’ve got multiple win7 laptops with the same issue. Once the patches apply they reboot into Windows Repair, which fails and then you can’t access anything on the c: drive. Had to re-image and then the same thing happens again once they get the patch.

  25. august 2019 update deleted several files very upset that this has happened can we get damages for this?

  26. KB4512486 reboot loop in recovery console … IBM x3650 use IMM to mount imgage file With 2008R2 drivers for Mega Raid drivers. Load megasas2.inf drivers. Then you can advanced recovery cmd.exe prompt and use dism … /revertpendingactions command.

  27. Had 3 HP laptops with the audio drivers corrupt after this update. Easy enough fix but… 3 laptops, same model, all affected. You just never know what is going to happen with the updates.
    It’s like a mystery box from the Dark Web.
    Could help… Could be anthrax.

    • What was your solution for this? My desktop is having the same problem where audio won’t play and I have no idea how to fix it.

  28. This new updated deleted ALL my word docs. ALL OF THEM. I can “find” them but they’re all listed as shortcuts now with no way to open them or SEE the actual file which doesn’t seem to exist on my computer anymore.

Leave a comment