Compartir:

Facebook Twitter Mastodon Telegram Twitter WhatsApp

9VSA-00064-001 CSIRT comparte actualizaciones publicadas por Microsoft en su tradicional Martes de Parche

CSIRT comparte la información entregada por Microsoft en su reporte mensual de actualizaciones correspondiente a octubre del 2019

Resumen

El Equipo de Respuesta ante Incidentes de Seguridad Informática, CSIRT, comparte la información entregada por Microsoft en su reporte mensual de actualizaciones correspondiente a octubre del 2019, parchando un total de 62 vulnerabilidades en sus software, de ellos 9 han sido clasificados como críticos, 49 como importante, dos como moderado y dos como bajo.

Vulnerabilidad

Informados en el boletín de octubre

CVE-2019-1070               CVE-2019-1329               CVE-2019-1345

CVE-2019-1230               CVE-2019-1330               CVE-2019-1358

CVE-2019-1313               CVE-2019-1331               CVE-2019-1359

CVE-2019-1314               CVE-2019-1334               CVE-2019-1361

CVE-2019-1327               CVE-2019-1337               CVE-2019-1363

CVE-2019-1328               CVE-2019-1344               CVE-2019-1369

Informados adicionalmente

CVE-2019-0608               CVE-2019-1321               CVE-2019-1347

CVE-2019-1060               CVE-2019-1322               CVE-2019-1356

CVE-2019-1166               CVE-2019-1323               CVE-2019-1357

CVE-2019-1238               CVE-2019-1325               CVE-2019-1362

CVE-2019-1239               CVE-2019-1326               CVE-2019-1364

CVE-2019-1255               CVE-2019-1333               CVE-2019-1365

CVE-2019-1307               CVE-2019-1335               CVE-2019-1366

CVE-2019-1308               CVE-2019-1336               CVE-2019-1367

CVE-2019-1311               CVE-2019-1338               CVE-2019-1368

CVE-2019-1315               CVE-2019-1339               CVE-2019-1371

CVE-2019-1316               CVE-2019-1340               CVE-2019-1372

CVE-2019-1317               CVE-2019-1341               CVE-2019-1375

CVE-2019-1318               CVE-2019-1342               CVE-2019-1376

CVE-2019-1319               CVE-2019-1343               CVE-2019-1378

CVE-2019-1320               CVE-2019-1346

Productos Afectados

  • Azure App Service on Azure Stack
  • ChakraCore
  • Excel Services
  • Internet Explorer 9, 10, 11
  • Microsoft Dynamics 365 (on-premises) version 9.0
  • Microsoft Edge (EdgeHTML-based)
  • Microsoft Excel
    • 2010 Service Pack 2 (32-bit y 64-bit editions)
    • 2013 RT Service Pack 1
    • 2013 Service Pack 1 (32-bit y 64-bit editions)
    • 2016 (32-bit y 64-bit editions)
  • Microsoft Forefront Endpoint Protection 2010
  • Microsoft Office
    • 2010 Service Pack 2 (32-bit y 64-bit editions)
    • 2013 RT Service Pack 1
    • 2013 Service Pack 1 (32-bit y 64-bit editions)
    • 2016 (32-bit y 64-bit editions)
    • 2016 for Mac
    • 2019 (32-bit y 64-bit editions)
    • 2019 for Mac
  • Microsoft Security Essentials
  • Microsoft SharePoint
    • Enterprise Server 2013 Service Pack 1
    • Enterprise Server 2016
    • 2010 Service Pack 2
    • 2013 Service Pack 1
    • Server 2019
  • Microsoft System Center
    • 2012 Endpoint Protection
    • 2012 R2 Endpoint Protection
    • Endpoint Protection
  • Office 365 ProPlus (para sistemas de 32-bit y 64-bit)
  • Office Online Server
  • Open Enclave SDK
  • SQL Server Management Studio
    • 3
    • 3.1
  • Windows 10
    • Mobile
    • Version 1607, 1703, 1709, 1803, 1809, 1903, para 32 y 64 bit
  • Windows 7
    • 32-bit Systems Service Pack 1
    • x64-based Systems Service Pack 1
  • Windows 8.1
    • 32-bit systems
    • x64-based systems
  • Windows Defender
  • Windows RT 8.1
  • Windows Server 2008
    • 32-bit Systems Service Pack 2
    • 32-bit Systems Service Pack 2 (Server Core installation)
    • Itanium-Based Systems Service Pack 2
    • x64-based Systems Service Pack 2
    • x64-based Systems Service Pack 2 (Server Core installation)
    • R2 for Itanium-Based Systems Service Pack 1
    • R2 for x64-based Systems Service Pack 1
    • R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows Server 2012
    • 2012
    • Server Core installation
    • R2 y R2 (Server Core installation)
  • Windows Server 2016
    • 2016
    • Server Core installation
  • Windows Server 2019
    • 2019
    • Server Core installation
  • Windows Server
    • version 1803 (Server Core Installation)
    • version 1903 (Server Core installation)

Mitigación

Aplicar las actualizaciones publicadas por el fabricante.

Enlace

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/28ef0a64-489c-e911-a994-000d3a33c573

https://portal.msrc.microsoft.com/en-us/security-guidance

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0608

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1060

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1070

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1166

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1230

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1238

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1239

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1255

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1307

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1308

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1311

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1313

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1314

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1315

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1316

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1317

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1319

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1320

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1321

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1322

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1323

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1325

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1326

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1327

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1328

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1329

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1330

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1331

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1333

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1334

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1335

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1336

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1337

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1338

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1339

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1340

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1341

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1342

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1343

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1344

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1345

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1346

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1347

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1356

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1357

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1358

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1359

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1361

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1362

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1363

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1364

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1365

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1366

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1368

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1369

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1371

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1372

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1375

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1376

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1378

Informe

El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA-00064-001