9VSA23-00878-01 CSIRT comparte vulnerabilidades publicadas en el Microsoft Update Tuesday de Agosto 2023
El CSIRT de Gobierno comparte información de vulnerabilidades parchadas por Microsoft como parte de su Update Tuesday correspondiente a agosto de 2023.
Resumen
El CSIRT de Gobierno comparte información de vulnerabilidades parchadas por Microsoft como parte de su Update Tuesday correspondiente a agosto de 2023.
Vulnerabilidades
ADV230003
ADV230004
CVE-2023-20569
CVE-2023-21709
CVE-2023-29328
CVE-2023-29330
CVE-2023-35359
CVE-2023-35368
CVE-2023-35371
CVE-2023-35372
CVE-2023-35376
CVE-2023-35377
CVE-2023-35378
CVE-2023-35379
CVE-2023-35380
CVE-2023-35381
CVE-2023-35382
CVE-2023-35383
CVE-2023-35384
CVE-2023-35385
CVE-2023-35386
CVE-2023-35387
CVE-2023-35388
CVE-2023-35389
CVE-2023-35390
CVE-2023-35391
CVE-2023-35393
CVE-2023-35394
CVE-2023-35945
CVE-2023-36865
CVE-2023-36866
CVE-2023-36869
CVE-2023-36873
CVE-2023-36876
CVE-2023-36877
CVE-2023-36881
CVE-2023-36882
CVE-2023-36889
CVE-2023-36890
CVE-2023-36891
CVE-2023-36892
CVE-2023-36893
CVE-2023-36894
CVE-2023-36895
CVE-2023-36896
CVE-2023-36897
CVE-2023-36898
CVE-2023-36899
CVE-2023-36900
CVE-2023-36903
CVE-2023-36904
CVE-2023-36905
CVE-2023-36906
CVE-2023-36907
CVE-2023-36908
CVE-2023-36909
CVE-2023-36910
CVE-2023-36911
CVE-2023-36912
CVE-2023-36913
CVE-2023-36914
CVE-2023-38154
CVE-2023-38157
CVE-2023-38167
CVE-2023-38169
CVE-2023-38170
CVE-2023-38172
CVE-2023-38175
CVE-2023-38176
CVE-2023-38178
CVE-2023-38180
CVE-2023-38181
CVE-2023-38182
CVE-2023-38184
CVE-2023-38185
CVE-2023-38186
CVE-2023-38188
CVE-2023-38254
CVE-2023-4068
CVE-2023-4069
CVE-2023-4070
CVE-2023-4071
CVE-2023-4072
CVE-2023-4073
CVE-2023-4074
CVE-2023-4075
CVE-2023-4076
CVE-2023-4077
CVE-2023-4078
Impacto
Vulnerabilidades de riesgo crítico
CVE-2023-29328: Vulnerabilidad de ejecución remota de código en Microsoft Teams.
CVE-2023-29330: Vulnerabilidad de ejecución remota de código en Microsoft Teams.
CVE-2023-35385: Vulnerabilidad de ejecución remota de código en Microsoft Message Queuing.
CVE-2023-36895: Vulnerabilidad de ejecución remota de código en Microsoft Outlook.
CVE-2023-36910: Vulnerabilidad de ejecución remota de código en Microsoft Message Queuing.
CVE-2023-36911: Vulnerabilidad de ejecución remota de código en Microsoft Message Queuing.
Mitigación
Instalar las respectivas actualizaciones entregadas por el proveedor.
Productos afectados
.NET Core
.NET Framework
ASP .NET
ASP.NET
ASP.NET and Visual Studio
Azure Arc
Azure DevOps
Azure HDInsights
Dynamics Business Central Control
Mariner
Memory Integrity System Readiness Scan Tool
Microsoft Dynamics
Microsoft Edge (Chromium-based)
Microsoft Exchange Server
Microsoft Office
Microsoft Office Excel
Microsoft Office Outlook
Microsoft Office SharePoint
Microsoft Office Visio
Microsoft Teams
Microsoft WDAC OLE DB provider for SQL
Microsoft Windows
Microsoft Windows Codecs Library
Reliability Analysis Metrics Calculation Engine
Role: Windows Hyper-V
SQL Server
Tablet Windows User Interface
Windows Bluetooth A2DP driver
Windows Cloud Files Mini Filter Driver
Windows Common Log File System Driver
Windows Cryptographic Services
Windows Defender
Windows Fax and Scan Service
Windows Group Policy
Windows HTML Platform
Windows Kernel
Windows LDAP - Lightweight Directory Access Protocol
Windows Message Queuing
Windows Mobile Device Management
Windows Projected File System
Windows Reliability Analysis Metrics Calculation Engine
Windows Smart Card
Windows System Assessment Tool
Windows Wireless Wide Area Network Service
Enlaces
https://msrc.microsoft.com/update-guide/releaseNote/2023-Aug
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20569
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29328
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29330
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35359
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35368
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35371
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35372
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35376
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35377
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35378
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35379
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35380
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35381
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35382
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35383
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35387
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35388
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35389
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35390
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35393
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35394
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-35945
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36865
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36866
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36869
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36873
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36876
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36877
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36881
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36889
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36890
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36891
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36892
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36893
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36894
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36895
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36896
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36897
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36898
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36899
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36900
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36903
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36904
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36905
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36906
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36907
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36908
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36909
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36910
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36911
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36912
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36914
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38154
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38157
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38167
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38169
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38170
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38172
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38175
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38176
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38178
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38180
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38181
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38182
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38184
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38185
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38186
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38188
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38254
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4068
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4069
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4070
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4071
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4072
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4073
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4074
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4076
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4077
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4078
Informe
El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA23-00878-01.