VERT Threat Alert: August 2019 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s August 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-845 on Wednesday, August 14th.In-The-Wild & Disclosed CVEsMicrosoft has indicated that none of the vulnerabilities being patched this month have been used in-the-wild nor have they been publicly disclosed.CVE Breakdown by TagWhile historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis. Other InformationIn addition to the Microsoft vulnerabilities included in the August Security Guidance, a pair of advisories were released today.Microsoft Live Accounts Elevation of Privilege Vulnerability [ADV190014]Microsoft has released information regarding a vulnerability impacting Outlook Web Access (MS Exchange Online, MS Office 365, and Outlook.com) that could allow an attacker to access another person’s inbox. Microsoft has mitigated this attack vector for all users and no action is required on the part of organizations or individuals.Microsoft Guidance for Enabling LDAP Channel Binding and LDAP SigningMicrosoft has released guidance for enabling LDAP Channel Binding and LDAP signing, two methods for increasing the security of communication between LDAP clients and AD domain controllers.