9VSA20-00270-01 CSIRT comparte actualizaciones de Microsoft de Martes de Parche
CSIRT comparte la información entregada por Microsoft en su reporte mensual de actualizaciones correspondiente a julio de 2020
Resumen
El Equipo de Respuesta ante Incidentes de Seguridad Informática, CSIRT, comparte la información entregada por Microsoft en su reporte mensual de actualizaciones correspondiente a julio de 2020, parchando 38 vulnerabilidades en sus softwares clasificando a 10 de ellas como críticas y 28 como importantes, además se informa de 89 vulnerabilidades adicionales al reporte mensual, 9 de ellas clasificadas como críticas y 80 como importantes.
Vulnerabilidades
Informadas en el reporte mensual correspondiente al mes de julio
ADV200008 CVE-2020-1350 CVE-2020-1433
CVE-2020-1032 CVE-2020-1351 CVE-2020-1439
CVE-2020-1036 CVE-2020-1358 CVE-2020-1442
CVE-2020-1040 CVE-2020-1361 CVE-2020-1445
CVE-2020-1041 CVE-2020-1367 CVE-2020-1446
CVE-2020-1042 CVE-2020-1386 CVE-2020-1447
CVE-2020-1043 CVE-2020-1389 CVE-2020-1448
CVE-2020-1147 CVE-2020-1391 CVE-2020-1449
CVE-2020-1240 CVE-2020-1397 CVE-2020-1458
CVE-2020-1330 CVE-2020-1419 CVE-2020-1461
CVE-2020-1342 CVE-2020-1420 CVE-2020-1462
CVE-2020-1346 CVE-2020-1426
CVE-2020-1349 CVE-2020-1432
Vulnerabilidades adicionales informadas
CVE-2020-1025 CVE-2020-1381 CVE-2020-1416
CVE-2020-1085 CVE-2020-1382 CVE-2020-1418
CVE-2020-1249 CVE-2020-1384 CVE-2020-1421
CVE-2020-1267 CVE-2020-1385 CVE-2020-1422
CVE-2020-1326 CVE-2020-1387 CVE-2020-1423
CVE-2020-1333 CVE-2020-1388 CVE-2020-1424
CVE-2020-1336 CVE-2020-1390 CVE-2020-1425
CVE-2020-1344 CVE-2020-1392 CVE-2020-1427
CVE-2020-1347 CVE-2020-1393 CVE-2020-1428
CVE-2020-1352 CVE-2020-1394 CVE-2020-1429
CVE-2020-1353 CVE-2020-1395 CVE-2020-1430
CVE-2020-1354 CVE-2020-1396 CVE-2020-1431
CVE-2020-1355 CVE-2020-1398 CVE-2020-1434
CVE-2020-1356 CVE-2020-1399 CVE-2020-1435
CVE-2020-1357 CVE-2020-1400 CVE-2020-1436
CVE-2020-1359 CVE-2020-1401 CVE-2020-1437
CVE-2020-1360 CVE-2020-1402 CVE-2020-1438
CVE-2020-1362 CVE-2020-1403 CVE-2020-1441
CVE-2020-1363 CVE-2020-1404 CVE-2020-1443
CVE-2020-1364 CVE-2020-1405 CVE-2020-1444
CVE-2020-1365 CVE-2020-1406 CVE-2020-1450
CVE-2020-1366 CVE-2020-1407 CVE-2020-1451
CVE-2020-1368 CVE-2020-1408 CVE-2020-1454
CVE-2020-1369 CVE-2020-1409 CVE-2020-1456
CVE-2020-1370 CVE-2020-1410 CVE-2020-1457
CVE-2020-1371 CVE-2020-1411 CVE-2020-1463
CVE-2020-1372 CVE-2020-1412 CVE-2020-1465
CVE-2020-1373 CVE-2020-1413 CVE-2020-1469
CVE-2020-1374 CVE-2020-1414 CVE-2020-1481
CVE-2020-1375 CVE-2020-1415
Descripción
Impacto
Dependiendo de la vulnerabilidad informada por Microsoft se pueden provocar denegaciones de servicio, elevación de privilegios, acceso a información confidencial, ejecución de código remoto o spoofing. El detalle de cada una de las vulnerabilidades se podrá revisar en los enlaces.
Productos Afectados
- .NET Core 2.1
- .NET Core 3.1
- Azure DevOps Server 2019
- Azure Storage Explorer
- Bond 9.0.1
- Internet Explorer 9, 11
- Microsoft .NET Framework
- 0 Service Pack 2
- 0 Service Pack 2
- 5
- 5 y 4.6.2/4.7/4.7.1/4.7.2
- 5 y 4.6/4.6.1/4.6.2
- 5 y 4.7.1/4.7.2
- 5 y 4.7.2
- 5 y 4.8
- 5.1
- 5.2
- 6
- 6/4.6.1/4.6.2/4.7/4.7.1/4.7.2
- 8
- Microsoft 365 Apps for Enterprise (32-bit y 64-bit)
- Microsoft Bing Search for Android
- Microsoft Edge (EdgeHTML-based)
- Microsoft Forefront Endpoint Protection 2010
- Microsoft Lync Server 2013
- Microsoft Office
- 2010 Service Pack 2 (32-bit y 64-bit editions)
- 2013 RT Service Pack 1
- 2013 Service Pack 1 (32-bit y 64-bit editions)
- 2016 (32-bit y 64-bit editions)
- 2016 for Mac
- 2019 (32-bit y 64-bit editions)
- 2019 for Mac
- Online Server
- Web Apps 2013 Service Pack 1
- Web Apps 2010 Service Pack 2
- Microsoft Outlook
- 2010 Service Pack 2 (32-bit y 64-bit editions)
- 2013 RT Service Pack 1
- 2013 Service Pack 1 (32-bit y 64-bit editions)
- 2016 (32-bit y 64-bit edition)
- Microsoft Project
- 2010 Service Pack 2 (32-bit y 64-bit editions)
- 2013 Service Pack 1 (32-bit y 64-bit editions)
- 2016 (32-bit y 64-bit editions)
- Microsoft Security Essentials
- Microsoft SharePoint
- Enterprise Server 2013 Service Pack 1
- Enterprise Server 2016
- Foundation 2013 Service Pack 1
- Server 2010 Service Pack 2
- Server 2019
- Microsoft System Center
- 2012 Endpoint Protection
- 2012 R2 Endpoint Protection
- Endpoint Protection
- Microsoft Visual Studio
- 2015 Update 3
- 2017 version 15.9 (incluidos 15.1 - 15.8)
- 2019 version 16.0
- 2019 version 16.4 (incluidos 16.0 - 16.3)
- 2019 version 16.6 (incluidos 16.0 - 16.5)
- Code ESLint extension
- Microsoft Word
- 2010 Service Pack 2 (32-bit y 64-bit editions)
- 2013 RT Service Pack 1
- 2013 Service Pack 1 (32-bit y 64-bit editions)
- 2016 (32-bit y 64-bit editions)
- OneDrive for Windows
- Skype for Business Server
- 2015 CU 8
- 2019 CU2
- TypeScript
- Visual Studio Code
- Windows 10
- Version 1607, 1709, 1803, 1809, 1903, 1909, 2004, para 32 bit, 64 bit y ARM64-based
- Windows 7
- 32-bit Systems Service Pack 1
- x64-based Systems Service Pack 1
- Windows 8.1
- 32-bit systems
- x64-based systems
- Windows Defender
- Windows RT 8.1
- Windows Server 2008
- 32-bit Systems Service Pack 2
- 32-bit Systems Service Pack 2 (Server Core installation)
- Itanium-Based Systems Service Pack 2
- x64-based Systems Service Pack 2
- x64-based Systems Service Pack 2 (Server Core installation)
- R2 for Itanium-Based Systems Service Pack 1
- R2 for x64-based Systems Service Pack 1
- R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2012
- 2012
- Server Core installation
- R2 y R2 (Server Core installation)
- Windows Server 2016
- 2016
- Server Core installation
- Windows Server 2019
- 2019
- Server Core installation
- Windows Server
- version 1903 (Server Core installation)
- version 1909 (Server Core installation)
- version 2004 (Server Core installation)
Mitigación
Aplicar las actualizaciones publicadas por el fabricante.
Enlace
https://portal.msrc.microsoft.com/en-us/security-guidance
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Jul
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200008
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1032
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1036
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1040
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1041
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1042
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1043
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1147
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1240
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1330
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1342
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1346
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1349
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1350
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1351
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1358
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1361
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1367
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1386
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1389
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1391
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1397
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1419
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1420
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1426
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1432
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1433
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1439
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1442
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1445
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1446
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1447
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1448
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1449
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1458
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1461
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1462
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1468
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1025
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1085
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1249
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1267
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1326
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1333
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1336
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1344
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1347
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1352
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1353
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1354
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1355
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1356
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1357
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1359
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1360
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1362
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1363
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1364
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1365
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1366
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1368
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1369
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1370
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1371
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1372
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1373
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1374
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1375
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1381
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1382
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1384
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1385
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1387
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1388
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1390
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1392
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1393
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1394
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1395
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1396
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1398
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1399
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1400
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1401
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1402
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1403
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1404
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1405
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1406
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1407
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1408
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1409
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1410
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1411
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1412
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1413
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1414
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1415
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1416
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1418
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1421
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1422
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1423
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1424
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1425
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1427
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1428
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1429
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1430
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1431
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1434
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1435
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1436
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1437
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1438
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1441
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1443
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1444
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1450
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1451
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1454
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1456
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1457
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1463
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1465
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1469
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1481
Informe
El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA20-00270-01