9VSA-00099-001 CSIRT comparte 36 parches entregados por Microsoft para sus productos
CSIRT comparte la información entregada por Microsoft en su reporte mensual de actualizaciones correspondiente a Diciembre
Resumen
El Equipo de Respuesta ante Incidentes de Seguridad Informática, CSIRT, comparte la información entregada por Microsoft en su reporte mensual de actualizaciones correspondiente a Diciembre del 2019, en el que pone a disposición del público un total de 36 parches para mitigar vulnerabilidades en sus softwares.
Vulnerabilidad
CVE-2019-1332
CVE-2019-1349
CVE-2019-1350
CVE-2019-1351
CVE-2019-1352
CVE-2019-1354
CVE-2019-1387
CVE-2019-1400
CVE-2019-1453
CVE-2019-1458
CVE-2019-1461
CVE-2019-1462
CVE-2019-1463
CVE-2019-1464
CVE-2019-1465
CVE-2019-1466
CVE-2019-1467
CVE-2019-1468
CVE-2019-1469
CVE-2019-1470
CVE-2019-1471
CVE-2019-1472
CVE-2019-1474
CVE-2019-1476
CVE-2019-1477
CVE-2019-1478
CVE-2019-1480
CVE-2019-1481
CVE-2019-1483
CVE-2019-1484
CVE-2019-1485
CVE-2019-1486
CVE -2019-1487
CVE-2019-1488
CVE-2019-1489
CVE-2019-1490
Productos Afectados
- Internet Explorer 9, 10, 11
- Microsoft Authentication Library (MSAL) for Android
- Microsoft Excel
- 2010 Service Pack 2 (32-bit y 64-bit editions)
- 2013 RT Service Pack 1
- 2013 Service Pack 1 (32-bit y 64-bit editions)
- 2016 (32-bit y 64-bit editions)
- Microsoft Office
- 2010 Service Pack 2 (32-bit y 64-bit editions)
- 2013 RT Service Pack 1
- 2013 Service Pack 1 (32-bit y 64-bit editions)
- 2016 (32-bit y 64-bit editions)
- 2016 for Mac
- 2019 (32-bit y 64-bit editions)
- 2019 for Mac
- Microsoft Powerpoint
- 2010 Service Pack 2 (32-bit y 64-bit editions)
- 2013 RT Service Pack 1
- 2013 Service Pack 1 (32-bit y 64-bit editions)
- 2016 (32-bit y 64-bit editions)
- Microsoft Visual Studio
- 2017 versión 15.0 -15.9, 16.0
- 2019 versión 16.0 – 16.4
- Microsoft Visual Studio Live Share extension
- Microsoft Windows XP Service Pack 3
- Microsoft Word
- 2010 Service Pack 2 (32-bit y 64-bit editions)
- 2013 RT Service Pack 1
- 2013 Service Pack 1 (32-bit y 64-bit editions)
- 2016 (32-bit y 64-bit editions)
- Office 365 ProPlus (para sistemas de 32-bit y 64-bit)
- Power BI Report Server
- Skype for Business Server 2019 CU2
- SQL Server 2017 Reporting Services
- SQL Server 2019 Reporting Services
- Windows 10
- Version 1607, 1703, 1709, 1803, 1809, 1903, para 32 y 64 bit
- Windows 7
- 32-bit Systems Service Pack 1
- x64-based Systems Service Pack 1
- Windows 8.1
- 32-bit systems
- x64-based systems
- Windows Defender
- Windows RT 8.1
- Windows Server 2008
- 32-bit Systems Service Pack 2
- 32-bit Systems Service Pack 2 (Server Core installation)
- Itanium-Based Systems Service Pack 2
- x64-based Systems Service Pack 2
- x64-based Systems Service Pack 2 (Server Core installation)
- R2 for Itanium-Based Systems Service Pack 1
- R2 for x64-based Systems Service Pack 1
- R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2012
- 2012
- Server Core installation
- R2 y R2 (Server Core installation)
- Windows Server 2016
- 2016
- Server Core installation
- Windows Server 2019
- 2019
- Server Core installation
- Windows Server
- version 1803 (Server Core Installation)
- version 1903 (Server Core installation)
Mitigación
Aplicar las actualizaciones publicadas por el fabricante.
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2019-Dec
Enlace
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2019-Dec
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1332
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1349
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1350
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1351
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1352
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1354
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1387
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1400
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1453
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1461
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1462
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1463
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1464
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1465
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1466
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1467
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1468
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1469
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1470
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1471
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1472
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1474
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1476
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1477
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1478
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1480
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1481
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1483
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1484
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1485
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1486
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1487
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1488
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1489
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1490
Informe
El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA-00099-001.docx