CSIRT de Gobierno /
Alertas /
9VSA23-00878-01 CSIRT comparte vulnerabilidades publicadas en el Microsoft Update Tuesday de Agosto 2023

8 de agosto de 2023 a las 21:36

9VSA23-00878-01 CSIRT comparte vulnerabilidades publicadas en el Microsoft Update Tuesday de Agosto 2023

El CSIRT de Gobierno comparte información de vulnerabilidades parchadas por Microsoft como parte de su Update Tuesday correspondiente a agosto de 2023.

Resumen

El CSIRT de Gobierno comparte información de vulnerabilidades parchadas por Microsoft como parte de su Update Tuesday correspondiente a agosto de 2023.

Vulnerabilidades

ADV230003

ADV230004

CVE-2023-20569

CVE-2023-21709

CVE-2023-29328

CVE-2023-29330

CVE-2023-35359

CVE-2023-35368

CVE-2023-35371

CVE-2023-35372

CVE-2023-35376

CVE-2023-35377

CVE-2023-35378

CVE-2023-35379

CVE-2023-35380

CVE-2023-35381

CVE-2023-35382

CVE-2023-35383

CVE-2023-35384

CVE-2023-35385

CVE-2023-35386

CVE-2023-35387

CVE-2023-35388

CVE-2023-35389

CVE-2023-35390

CVE-2023-35391

CVE-2023-35393

CVE-2023-35394

CVE-2023-35945

CVE-2023-36865

CVE-2023-36866

CVE-2023-36869

CVE-2023-36873

CVE-2023-36876

CVE-2023-36877

CVE-2023-36881

CVE-2023-36882

CVE-2023-36889

CVE-2023-36890

CVE-2023-36891

CVE-2023-36892

CVE-2023-36893

CVE-2023-36894

CVE-2023-36895

CVE-2023-36896

CVE-2023-36897

CVE-2023-36898

CVE-2023-36899

CVE-2023-36900

CVE-2023-36903

CVE-2023-36904

CVE-2023-36905

CVE-2023-36906

CVE-2023-36907

CVE-2023-36908

CVE-2023-36909

CVE-2023-36910

CVE-2023-36911

CVE-2023-36912

CVE-2023-36913

CVE-2023-36914

CVE-2023-38154

CVE-2023-38157

CVE-2023-38167

CVE-2023-38169

CVE-2023-38170

CVE-2023-38172

CVE-2023-38175

CVE-2023-38176

CVE-2023-38178

CVE-2023-38180

CVE-2023-38181

CVE-2023-38182

CVE-2023-38184

CVE-2023-38185

CVE-2023-38186

CVE-2023-38188

CVE-2023-38254

CVE-2023-4068

CVE-2023-4069

CVE-2023-4070

CVE-2023-4071

CVE-2023-4072

CVE-2023-4073

CVE-2023-4074

CVE-2023-4075

CVE-2023-4076

CVE-2023-4077

CVE-2023-4078

Impacto

Vulnerabilidades de riesgo crítico

CVE-2023-29328: Vulnerabilidad de ejecución remota de código en Microsoft Teams.

CVE-2023-29330: Vulnerabilidad de ejecución remota de código en Microsoft Teams.

CVE-2023-35385: Vulnerabilidad de ejecución remota de código en Microsoft Message Queuing.

CVE-2023-36895: Vulnerabilidad de ejecución remota de código en Microsoft Outlook.

CVE-2023-36910: Vulnerabilidad de ejecución remota de código en Microsoft Message Queuing.

CVE-2023-36911: Vulnerabilidad de ejecución remota de código en Microsoft Message Queuing.

Mitigación

Instalar las respectivas actualizaciones entregadas por el proveedor.

Productos afectados

.NET Core

.NET Framework

ASP .NET

ASP.NET

ASP.NET and Visual Studio

Azure Arc

Azure DevOps

Azure HDInsights

Dynamics Business Central Control

Mariner

Memory Integrity System Readiness Scan Tool

Microsoft Dynamics

Microsoft Edge (Chromium-based)

Microsoft Exchange Server

Microsoft Office

Microsoft Office Excel

Microsoft Office Outlook

Microsoft Office SharePoint

Microsoft Office Visio

Microsoft Teams

Microsoft WDAC OLE DB provider for SQL

Microsoft Windows

Microsoft Windows Codecs Library

Reliability Analysis Metrics Calculation Engine

Role: Windows Hyper-V

SQL Server

Tablet Windows User Interface

Windows Bluetooth A2DP driver

Windows Cloud Files Mini Filter Driver

Windows Common Log File System Driver

Windows Cryptographic Services

Windows Defender

Windows Fax and Scan Service

Windows Group Policy

Windows HTML Platform

Windows Kernel

Windows LDAP - Lightweight Directory Access Protocol

Windows Message Queuing

Windows Mobile Device Management

Windows Projected File System

Windows Reliability Analysis Metrics Calculation Engine

Windows Smart Card

Windows System Assessment Tool

Windows Wireless Wide Area Network Service

Enlaces

https://msrc.microsoft.com/update-guide/releaseNote/2023-Aug

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20569

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21709

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29328

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29330

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35359

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35368

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35371

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35372

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35376

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35377

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35378

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35379

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35380

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35381

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35382

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35383

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35384

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35385

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35386

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35387

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35388

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35389

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35390

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35391

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35393

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35394

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35945

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36865

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36866

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36869

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36873

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36876

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36877

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36881

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36882

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36889

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36890

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36891

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36892

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36893

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36894

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36895

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36896

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36897

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36898

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36899

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36900

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36903

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36904

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36905

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36906

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36907

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36908

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36909

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36910

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36911

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36912

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36913

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36914

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38154

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38157

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38167

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38169

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38170

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38172

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38175

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38176

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38178

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38180

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38181

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38182

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38184

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38185

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38186

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38188

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38254

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4068

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4069

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4070

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4071

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4072

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4073

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4074

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4075

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4076

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4077

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4078

Informe

El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA23-00878-01.

9VSA23-00878-01 CSIRT comparte vulnerabilidades publicadas en el Microsoft Update Tuesday de Agosto 2023

El CSIRT de Gobierno comparte información de vulnerabilidades parchadas por Microsoft como parte de su Update Tuesday correspondiente a agosto de 2023.

Documentos Relacionados