9VSA20-00283-01 CSIRT comparte actualizaciones obtenidas por Microsoft
CSIRT comparte la información entregada por Microsoft en su reporte mensual de actualizaciones correspondiente a agosto de 2020.
RESUMEN
El Equipo de Respuesta ante Incidentes de Seguridad Informática, CSIRT, comparte la información entregada por Microsoft en su reporte mensual de actualizaciones correspondiente a agosto de 2020, parchando 31 vulnerabilidades en sus softwares clasificando a 3 de ellas como críticas y 28 como importantes, además se informa de 91 vulnerabilidades adicionales al reporte mensual, 11 de ellas clasificadas como críticas, 79 como importantes y una como moderada.
VULNERABILIDADES
Informadas en el reporte mensual correspondiente al mes de julio
CVE-2020-1046 CVE-2020-1497 CVE-2020-1560
CVE-2020-1383 CVE-2020-1498 CVE-2020-1563
CVE-2020-1459 CVE-2020-1502 CVE-2020-1571
CVE-2020-1472 CVE-2020-1503 CVE-2020-1574
CVE-2020-1474 CVE-2020-1504 CVE-2020-1577
CVE-2020-1483 CVE-2020-1505 CVE-2020-1578
CVE-2020-1487 CVE-2020-1510 CVE-2020-1581
CVE-2020-1493 CVE-2020-1512 CVE-2020-1583
CVE-2020-1494 CVE-2020-1530 CVE-2020-1585
CVE-2020-1495 CVE-2020-1537
CVE-2020-1496 CVE-2020-1548
Vulnerabilidades adicionales informadas
ADV200011 CVE-2020-1501 CVE-2020-1546
CVE-2020-0604 CVE-2020-1509 CVE-2020-1547
CVE-2020-1337 CVE-2020-1511 CVE-2020-1549
CVE-2020-1339 CVE-2020-1513 CVE-2020-1550
CVE-2020-1341 CVE-2020-1515 CVE-2020-1551
CVE-2020-1377 CVE-2020-1516 CVE-2020-1552
CVE-2020-1378 CVE-2020-1517 CVE-2020-1553
CVE-2020-1379 CVE-2020-1518 CVE-2020-1554
CVE-2020-1380 CVE-2020-1519 CVE-2020-1555
CVE-2020-1417 CVE-2020-1520 CVE-2020-1556
CVE-2020-1455 CVE-2020-1521 CVE-2020-1557
CVE-2020-1464 CVE-2020-1522 CVE-2020-1558
CVE-2020-1466 CVE-2020-1524 CVE-2020-1561
CVE-2020-1467 CVE-2020-1525 CVE-2020-1562
CVE-2020-1470 CVE-2020-1526 CVE-2020-1564
CVE-2020-1473 CVE-2020-1527 CVE-2020-1565
CVE-2020-1475 CVE-2020-1528 CVE-2020-1566
CVE-2020-1476 CVE-2020-1529 CVE-2020-1567
CVE-2020-1477 CVE-2020-1531 CVE-2020-1568
CVE-2020-1478 CVE-2020-1533 CVE-2020-1569
CVE-2020-1479 CVE-2020-1534 CVE-2020-1570
CVE-2020-1480 CVE-2020-1535 CVE-2020-1573
CVE-2020-1484 CVE-2020-1536 CVE-2020-1579
CVE-2020-1485 CVE-2020-1538 CVE-2020-1580
CVE-2020-1486 CVE-2020-1539 CVE-2020-1582
CVE-2020-1488 CVE-2020-1540 CVE-2020-1584
CVE-2020-1489 CVE-2020-1541 CVE-2020-1587
CVE-2020-1490 CVE-2020-1542 CVE-2020-1591
CVE-2020-1492 CVE-2020-1543 CVE-2020-1597
CVE-2020-1499 CVE-2020-1544
CVE-2020-1500 CVE-2020-1545
Impacto
Dependiendo de la vulnerabilidad informada por Microsoft se pueden provocar denegaciones de servicio, elevación de privilegios, acceso a información confidencial, ejecución de código remoto o spoofing. El detalle de cada una de las vulnerabilidades se podrá revisar en los enlaces.
Productos afectados
- .NET Core 3.1
- ChakraCore
- Internet Explorer 9, 11
- Microsoft .NET Framework
- 0 Service Pack 2
- 5
- 5 y 4.6.2/4.7/4.7.1/4.7.2
- 5 y 4.6/4.6.1/4.6.2
- 5 y 4.7.1/4.7.2
- 5 y 4.7.2
- 5 y 4.8
- 5.1
- 5.2
- 6
- 6/4.6.1/4.6.2/4.7/4.7.1/4.7.2
- 8
- Microsoft 365 Apps for Enterprise (32-bit y 64-bit)
- Microsoft Access
- 2010 Service Pack 2 (32-bit y 64-bit)
- 2013 Service Pack 1 (32-bit y 64-bit)
- 2016 (32-bit y 64-bit)
- Microsoft Dynamics 365 (on-premises) version 9.0
- Microsoft Edge (Chromium-based y EdgeHTML-based)
- Microsoft Excel
- 2010 Service Pack 2 (32-bit y 64-bit)
- 2013 RT Service Pack 1
- 2013 Service Pack 2 (32-bit y 64-bit)
- 2016 (32-bit y 64-bit)
- Microsoft Office
- 2010 Service Pack 2 (32-bit y 64-bit editions)
- 2013 Click-to-Run (C2R) (32-bit y 64-bit editions)
- 2013 RT Service Pack 1
- 2013 Service Pack 1 (32-bit y 64-bit editions)
- 2016 (32-bit y 64-bit editions)
- 2016 for Mac
- 2019 (32-bit y 64-bit editions)
- 2019 for Mac
- Online Server
- Web Apps 2013 Service Pack 1
- Web Apps 2010 Service Pack 2
- Microsoft Outlook
- 2010 Service Pack 2 (32-bit y 64-bit editions)
- 2013 RT Service Pack 1
- 2013 Service Pack 1 (32-bit y 64-bit editions)
- 2016 (32-bit y 64-bit edition)
- Microsoft SharePoint
- Enterprise Server 2013 Service Pack 1
- Enterprise Server 2016
- Foundation 2010 Service Pack 2
- Foundation 2013 Service Pack 1
- Server 2010 Service Pack 2
- Server 2019
- Microsoft Visual Studio
- 2017 version 15.9 (incluidos 15.1 - 15.8)
- 2019 version 16.0
- 2019 version 16.4 (incluidos 16.0 - 16.3)
- 2019 version 16.7 (incluidos 16.0 - 16.6)
- Microsoft Word
- 2010 Service Pack 2 (32-bit y 64-bit editions)
- 2013 RT Service Pack 1
- 2013 Service Pack 1 (32-bit y 64-bit editions)
- 2016 (32-bit y 64-bit editions)
- Office Online Server
- SQL Server Management Studio 18.6
- Visual Studio Code
- Windows 10
- Version 1607, 1709, 1803, 1809, 1903, 1909, 2004, para 32 bit, 64 bit y ARM64-based
- Windows 7
- 32-bit Systems Service Pack 1
- x64-based Systems Service Pack 1
- Windows 8.1
- 32-bit systems
- x64-based systems
- Windows RT 8.1
- Windows Server 2008
- 32-bit Systems Service Pack 2
- 32-bit Systems Service Pack 2 (Server Core installation)
- x64-based Systems Service Pack 2
- x64-based Systems Service Pack 2 (Server Core installation)
- R2 for x64-based Systems Service Pack 1
- R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2012
- 2012
- Server Core installation
- R2 y R2 (Server Core installation)
- Windows Server 2016
- 2016
- Server Core installation
- Windows Server 2019
- 2019
- Server Core installation
- Windows Server
- version 1903 (Server Core installation)
- version 1909 (Server Core installation)
- version 2004 (Server Core installation)
Mitigación
Aplicar las actualizaciones publicadas por el fabricante.
Enlace
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Aug
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1046
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1383
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1459
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1474
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1483
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1487
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1493
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1494
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1495
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1496
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1497
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1498
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1502
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1503
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1504
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1505
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1510
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1512
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1530
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1537
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1548
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1560
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1563
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1571
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1574
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1577
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1578
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1581
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1583
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1585
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0604
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1337
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1339
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1341
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1377
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1378
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1379
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1380
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1417
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1455
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1466
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1467
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1470
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1473
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1475
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1476
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1477
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1478
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1479
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1480
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1484
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1485
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1486
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1488
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1489
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1490
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1492
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1499
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1500
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1501
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1509
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1511
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1513
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1515
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1516
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1517
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1518
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1519
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1520
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1521
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1522
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1524
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1525
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1526
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1527
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1528
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1529
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1531
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1533
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1534
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1535
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1536
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1538
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1539
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1540
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1541
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1542
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1543
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1544
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1545
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1546
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1547
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1549
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1550
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1551
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1552
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1553
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1554
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1555
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1556
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1557
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1558
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1561
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1562
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1564
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1565
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1566
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1567
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1568
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1569
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1570
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1573
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1579
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1580
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1582
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1584
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1587
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1591
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1597
Informe
El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA20-00283-01