13 febrero, 2020

9VSA20-00141-01 CSIRT comparte actualizaciones de Microsoft

Resumen

El Equipo de Respuesta ante Incidentes de Seguridad Informática, CSIRT, comparte la información entregada por Microsoft en su reporte mensual de actualizaciones correspondiente a febrero de 2020, parchando 25 vulnerabilidades en sus softwares. Además se informa de 76 vulnerabilidades adicionales al reporte mensual.

 

Vulnerabilidades

Reportados en el informe de febrero:

CVE-2020-0618

CVE-2020-0696

CVE-2020-0736

CVE-2020-0658

CVE-2020-0697

CVE-2020-0744

CVE-2020-0675

CVE-2020-0698

CVE-2020-0746

CVE-2020-0676

CVE-2020-0705

CVE-2020-0748

CVE-2020-0677

CVE-2020-0706

CVE-2020-0755

CVE-2020-0689

CVE-2020-0714

CVE-2020-0756

CVE-2020-0693

CVE-2020-0716

CVE-2020-0759

CVE-2020-0694

CVE-2020-0717

CVE-2020-0695

CVE-2020-0728

 

Reportados adicionalmente:

CVE-2020-0655

CVE-2020-0691

CVE-2020-0732

CVE-2020-0657

CVE-2020-0692

CVE-2020-0733

CVE-2020-0659

CVE-2020-0701

CVE-2020-0734

CVE-2020-0660

CVE-2020-0702

CVE-2020-0735

CVE-2020-0661

CVE-2020-0703

CVE-2020-0737

CVE-2020-0662

CVE-2020-0704

CVE-2020-0738

CVE-2020-0663

CVE-2020-0707

CVE-2020-0739

CVE-2020-0665

CVE-2020-0708

CVE-2020-0740

CVE-2020-0666

CVE-2020-0709

CVE-2020-0741

CVE-2020-0667

CVE-2020-0710

CVE-2020-0742

CVE-2020-0668

CVE-2020-0711

CVE-2020-0743

CVE-2020-0669

CVE-2020-0712

CVE-2020-0745

CVE-2020-0670

CVE-2020-0713

CVE-2020-0747

CVE-2020-0671

CVE-2020-0715

CVE-2020-0749

CVE-2020-0672

CVE-2020-0719

CVE-2020-0750

CVE-2020-0673

CVE-2020-0720

CVE-2020-0751

CVE-2020-0674

CVE-2020-0721

CVE-2020-0752

CVE-2020-0678

CVE-2020-0722

CVE-2020-0753

CVE-2020-0679

CVE-2020-0723

CVE-2020-0754

CVE-2020-0680

CVE-2020-0724

CVE-2020-0757

CVE-2020-0681

CVE-2020-0725

CVE-2020-0767

CVE-2020-0682

CVE-2020-0726

CVE-2020-0792

CVE-2020-0683

CVE-2020-0727

CVE-2020-0817

CVE-2020-0685

CVE-2020-0729

CVE-2020-0818

CVE-2020-0686

CVE-2020-0730

CVE-2020-0688

CVE-2020-0731

 

Productos Afectados

 

  • ChakraCore
  • Internet Explorer 9, 10, 11
  • Microsoft Edge (EdgeHTML-based)
  • Microsoft Excel
    • 2010 Service Pack 2 (32-bit y 64-bit editions)
    • 2013 RT Service Pack 1
    • 2013 Service Pack 1 (32-bit y 64-bit editions)
    • 2016 (32-bit y 64-bit editions)
  • Microsoft Exchange Server
  • 2010 Service Pack 3 Update Rollup 30
  • 2013 Cumulative Update 23
  • 2016 Cumulative Update 14
  • 2016 Cumulative Update 15
  • 2019 Cumulative Update 3
  • 2019 Cumulative Update 4
  • Microsoft Office
    • 2016 (32-bit y 64-bit editions)
    • 2016 for Mac
    • 2019 (32-bit y 64-bit editions)
    • 2019 for Mac
  • Microsoft Outlook
  • 2010 Service Pack 2 (32-bit y 64-bit editions)
  • 2013 RT Service Pack 1
  • 2013 Service Pack 1 (32-bit y 64-bit editions)
  • 2016 (32-bit y 64-bit editions)
  • Microsoft SharePoint
  • Enterprise Server 2016
  • Foundation 2013 Service Pack 1
  • Server 2019
  • Microsoft SQL Server
  • 2012 for 32-bit Systems Service Pack 4 (QFE)
  • 2012 for x64-based Systems Service Pack 4 (QFE)
  • 2014 Service Pack 3 for 32-bit Systems (CU)
  • 2014 Service Pack 3 for 32-bit Systems (GDR)
  • 2014 Service Pack 3 for x64-based Systems (CU)
  • 2014 Service Pack 3 for x64-based Systems (GDR)
  • 2016 for x64-based Systems Service Pack 2 (CU)
  • 2016 for x64-based Systems Service Pack 2 (GDR)
  • Microsoft Surface Hub
  • Office 365 ProPlus (32-bit y 64-bit editions)
  • Office Online Server
  • Windows 10
    • Version 1607, 1709, 1803, 1809, 1903, 1909, para 32 y 64 bit
  • Windows 7
    • 32-bit Systems Service Pack 1
    • x64-based Systems Service Pack 1
  • Windows 8.1
    • 32-bit systems
    • x64-based systems
  • Windows RT 8.1
  • Windows Server 2008
    • 32-bit Systems Service Pack 2
    • 32-bit Systems Service Pack 2 (Server Core installation)
    • Itanium-Based Systems Service Pack 2
    • x64-based Systems Service Pack 2
    • x64-based Systems Service Pack 2 (Server Core installation)
    • R2 for Itanium-Based Systems Service Pack 1
    • R2 for x64-based Systems Service Pack 1
    • R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows Server 2012
    • 2012
    • Server Core installation
    • R2 y R2 (Server Core installation)
  • Windows Server 2016
    • 2016
    • Server Core installation
  • Windows Server 2019
    • 2019
    • Server Core installation
  • Windows Server
    • Version 1803 (Server Core Installation)
    • Version 1903 (Server Core installation)
    • Version 1909 (Server Core installation)

 

Mitigación

 Aplicar las actualizaciones publicadas por el fabricante.

 

Enlace

https://portal.msrc.microsoft.com/en-us/security-guidance

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Feb

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0618

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0658

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0675

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0676

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0677

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0689

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0693

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0694

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0695

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0696

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0697

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0698

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0705

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0706

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0714

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0716

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0717

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0728

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0736

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0744

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0746

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0748

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0755

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0756

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0759

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0655

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0657

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0659

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0660

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0661

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0662

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0663

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0665

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0666

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0667

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0668

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0669

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0670

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0671

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0672

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0673

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0674

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0678

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0679

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0680

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0681

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0682

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0683

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0685

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0686

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0688

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0691

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0692

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0701

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0702

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0703

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0704

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0707

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0708

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0709

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0710

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0711

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0712

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0713

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0715

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0719

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0720

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0721

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0722

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0723

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0724

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0725

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0726

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0727

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0729

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0730

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0731

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0732

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0733

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0734

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0735

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0737

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0738

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0739

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0740

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0741

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0742

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0743

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0745

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0747

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0749

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0750

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0751

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0752

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0753

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0754

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0757

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0767

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0792

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0817

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0818

 

Informe

El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA20-00141-01