9VSA-00085-001 CSIRT comparte actualizaciones de noviembre entregadas por Microsoft
CSIRT comparte la información entregada por Microsoft en su reporte mensual de actualizaciones
Resumen
El Equipo de Respuesta ante Incidentes de Seguridad Informática, CSIRT, comparte la información entregada por Microsoft en su reporte mensual de actualizaciones correspondiente a noviembre del 2019, publicando 2 avisos y actualizaciones para 74 vulnerabilidades en sus sotwares, 13 de ellos, clasificados como críticos.
Vulnerabilidad
Informados en el boletín de ocubre
ADV190024 CVE-2019-1409 CVE-2019-1442
CVE-2018-12207 CVE-2019-1411 CVE-2019-1443
CVE-2019-11135 CVE-2019-1412 CVE-2019-1445
CVE-2019-1324 CVE-2019-1418 CVE-2019-1446
CVE-2019-1370 CVE-2019-1432 CVE-2019-1447
CVE-2019-1374 CVE-2019-1436 CVE-2019-1448
CVE-2019-1381 CVE-2019-1439 CVE-2019-1449
CVE-2019-1402 CVE-2019-1440 CVE-2019-1457
Informados adicionalmente
CVE-2019-0712 CVE-2019-1394 CVE-2019-1423
CVE-2019-0721 CVE-2019-1395 CVE-2019-1424
CVE-2019-1234 CVE-2019-1396 CVE-2019-1425
CVE-2019-1309 CVE-2019-1397 CVE-2019-1426
CVE-2019-1310 CVE-2019-1398 CVE-2019-1427
CVE-2019-1373 CVE-2019-1399 CVE-2019-1428
CVE-2019-1379 CVE-2019-1405 CVE-2019-1429
CVE-2019-1380 CVE-2019-1406 CVE-2019-1430
CVE-2019-1382 CVE-2019-1407 CVE-2019-1433
CVE-2019-1383 CVE-2019-1408 CVE-2019-1434
CVE-2019-1384 CVE-2019-1413 CVE-2019-1435
CVE-2019-1385 CVE-2019-1414 CVE-2019-1437
CVE-2019-1388 CVE-2019-1415 CVE-2019-1438
CVE-2019-1389 CVE-2019-1416 CVE-2019-1441
CVE-2019-1390 CVE-2019-1417 CVE-2019-1454
CVE-2019-1391 CVE-2019-1419 CVE-2019-1456
CVE-2019-1392 CVE-2019-1420
CVE-2019-1393 CVE-2019-1422
Productos Afectados
- Azure App Service on Azure Stack
- ChakraCore
- Excel Services
- Internet Explorer 9, 10, 11
- Microsoft Edge (EdgeHTML-based)
- Microsoft Excel
- 2010 Service Pack 2 (32-bit y 64-bit editions)
- 2013 RT Service Pack 1
- 2013 Service Pack 1 (32-bit y 64-bit editions)
- 2016 (32-bit y 64-bit editions)
- 2016 for Mac
- Microsoft Exchange Server
- 2013 Cumulative Update 23
- 2016 Cumulative Update 13
- 2016 Cumulative Update 14
- 2019 Cumulative Update 2
- 2019 Cumulative Update 3
- Microsoft Office
- 2010 Service Pack 2 (32-bit y 64-bit editions)
- 2013 RT Service Pack 1
- 2013 Service Pack 1 (32-bit y 64-bit editions)
- 2016 (32-bit y 64-bit editions)
- 2016 for Mac
- 2019 (32-bit y 64-bit editions)
- 2019 for Mac
- Online Server
- Microsoft SharePoint
- Enterprise Server 2013 Service Pack 1
- Enterprise Server 2016
- 2010 Service Pack 2
- 2013 Service Pack 1
- Server 2019
- Microsoft Visual Studio
- 2017 version 15.9
- 2019 version 16.0
- 2019 version 16.3
- Office 365 ProPlus (para sistemas de 32-bit y 64-bit)
- Office Online Server
- Open Enclave SDK
- Visual Studio Code
- Windows 10
- Version 1607, 1703, 1709, 1803, 1809, 1903, para 32 y 64 bit
- Windows 7
- 32-bit Systems Service Pack 1
- x64-based Systems Service Pack 1
- Windows 8.1
- 32-bit systems
- x64-based systems
- Windows RT 8.1
- Windows Server 2008
- 32-bit Systems Service Pack 2
- 32-bit Systems Service Pack 2 (Server Core installation)
- Itanium-Based Systems Service Pack 2
- x64-based Systems Service Pack 2
- x64-based Systems Service Pack 2 (Server Core installation)
- R2 for Itanium-Based Systems Service Pack 1
- R2 for x64-based Systems Service Pack 1
- R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2012
- 2012
- Server Core installation
- R2 y R2 (Server Core installation)
- Windows Server 2016
- 2016
- Server Core installation
- Windows Server 2019
- 2019
- Server Core installation
- Windows Server
- version 1803 (Server Core Installation)
- version 1903 (Server Core installation)
Mitigación
Aplicar las actualizaciones publicadas por el fabricante.
Enlace
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/164aa83e-499c-e911-a994-000d3a33c573
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV190024
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-12207
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-11135
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1324
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1370
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1374
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1381
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1402
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1409
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1411
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1412
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1418
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1432
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1436
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1439
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1440
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1442
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1443
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1445
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1446
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1447
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1448
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1449
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1457
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0712
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0721
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1234
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1309
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1310
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1373
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1379
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1380
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1382
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1383
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1384
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1385
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1388
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1389
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1390
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1391
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1392
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1393
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1394
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1395
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1396
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1397
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1398
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1399
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1405
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1406
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1407
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1408
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1413
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1414
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1415
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1416
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1417
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1419
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1420
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1422
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1423
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1424
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1425
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1426
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1427
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1428
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1429
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1430
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1433
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1434
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1435
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1437
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1438
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1441
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1454
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1456
Informe
El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA-00085-001.docx