9VSA-00099-001 CSIRT shares 36 patches delivered by Microsoft for its products

Summary

The Computer Security Incident Response Team, CSIRT, shares the information provided by Microsoft in its monthly update report corresponding to December 2019, in which it makes available to the public a total of 36 patches to mitigate vulnerabilities in its software.

Vulnerability

CVE-2019-1332

CVE-2019-1349

CVE-2019-1350

CVE-2019-1351

CVE-2019-1352

CVE-2019-1354

CVE-2019-1387

CVE-2019-1400

CVE-2019-1453

CVE-2019-1458

CVE-2019-1461

CVE-2019-1462

CVE-2019-1463

CVE-2019-1464

CVE-2019-1465

CVE-2019-1466

CVE-2019-1467

CVE-2019-1468

CVE-2019-1469

CVE-2019-1470

CVE-2019-1471

CVE-2019-1472

CVE-2019-1474

CVE-2019-1476

CVE-2019-1477

CVE-2019-1478

CVE-2019-1480

CVE-2019-1481

CVE-2019-1483

CVE-2019-1484

CVE-2019-1485

CVE-2019-1486

CVE -2019-1487

CVE-2019-1488

CVE-2019-1489

CVE-2019-1490

Affected Products

Internet Explorer 9, 10, 11
Microsoft Authentication Library (MSAL) for Android
Microsoft Excel
2010 Service Pack 2 (32-bit and 64-bit editions)
2013 RT Service Pack 1
2013 Service Pack 1 (32-bit and 64-bit editions)
2016 (32-bit and 64-bit editions)
Microsoft Office
2010 Service Pack 2 (32-bit and 64-bit editions)
2013 RT Service Pack 1
2013 Service Pack 1 (32-bit and 64-bit editions)
2016 (32-bit and 64-bit editions)
2016 for Mac
2019 (32-bit and 64-bit editions)
2019 for Mac
Microsoft Powerpoint
2010 Service Pack 2 (32-bit and 64-bit editions)
2013 RT Service Pack 1
2013 Service Pack 1 (32-bit and 64-bit editions)
2016 (32-bit and 64-bit editions)
Microsoft Visual Studio
2017 version 15.0 -15.9, 16.0
2019 version 16.0 – 16.4
Microsoft Visual Studio Live Share extension
Microsoft Windows XP Service Pack 3
Microsoft Word
2010 Service Pack 2 (32-bit and 64-bit editions)
2013 RT Service Pack 1
2013 Service Pack 1 (32-bit and 64-bit editions)
2016 (32-bit and 64-bit editions)
Office 365 ProPlus (for 32-bit and 64-bit systems)
Power BI Report Server
Skype for Business Server 2019 CU2
SQL Server 2017 Reporting Services
SQL Server 2019 Reporting Services
Windows 10
Version 1607, 1703, 1709, 1803, 1809, 1903, for 32 and 64 bit
Windows 7
32-bit Systems Service Pack 1
x64-based Systems Service Pack 1
Windows 8.1
32-bit systems
x64-based systems
Windows Defender
Windows RT 8.1
Windows Server 2008
32-bit Systems Service Pack 2
32-bit Systems Service Pack 2 (Server Core installation)
Itanium-Based Systems Service Pack 2
x64-based Systems Service Pack 2
x64-based Systems Service Pack 2 (Server Core installation)
R2 for Itanium-Based Systems Service Pack 1
R2 for x64-based Systems Service Pack 1
R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
2012
Server Core installation
R2 and R2 (Server Core installation)
Windows Server 2016
2016
Server Core installation
Windows Server 2019
2019
Server Core installation
Windows Server
version 1803 (Server Core Installation)
version 1903 (Server Core installation)

Mitigation

Apply updates published by the manufacturer.

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2019-Dec

Link

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2019-Dec

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1332

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1349

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1350

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1351

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1352

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1354

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1387

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1400

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1453

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1461

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1462

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1463

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1464

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1465

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1466

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1467

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1468

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1469

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1470

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1471

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1472

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1474

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1476

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1477

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1478

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1480

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1481

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1483

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1484

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1485

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1486

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1487

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1488

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1489

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1490