Compartir:

Facebook Twitter Mastodon Telegram Twitter WhatsApp

9VSA-00099-001 CSIRT comparte 36 parches entregados por Microsoft para sus productos

CSIRT comparte la información entregada por Microsoft en su reporte mensual de actualizaciones correspondiente a Diciembre

Resumen

El Equipo de Respuesta ante Incidentes de Seguridad Informática, CSIRT, comparte la información entregada por Microsoft en su reporte mensual de actualizaciones correspondiente a Diciembre del 2019, en el que pone a disposición del público un total de 36 parches para mitigar vulnerabilidades en sus softwares.

Vulnerabilidad

CVE-2019-1332

CVE-2019-1349

CVE-2019-1350

CVE-2019-1351

CVE-2019-1352

CVE-2019-1354

CVE-2019-1387

CVE-2019-1400

CVE-2019-1453

CVE-2019-1458

CVE-2019-1461

CVE-2019-1462

CVE-2019-1463

CVE-2019-1464

CVE-2019-1465

CVE-2019-1466

CVE-2019-1467

CVE-2019-1468

CVE-2019-1469

CVE-2019-1470

CVE-2019-1471

CVE-2019-1472

CVE-2019-1474

CVE-2019-1476

CVE-2019-1477

CVE-2019-1478

CVE-2019-1480

CVE-2019-1481

CVE-2019-1483

CVE-2019-1484

CVE-2019-1485

CVE-2019-1486

CVE -2019-1487

CVE-2019-1488

CVE-2019-1489

CVE-2019-1490

Productos Afectados

  • Internet Explorer 9, 10, 11
  • Microsoft Authentication Library (MSAL) for Android
  • Microsoft Excel
    • 2010 Service Pack 2 (32-bit y 64-bit editions)
    • 2013 RT Service Pack 1
    • 2013 Service Pack 1 (32-bit y 64-bit editions)
    • 2016 (32-bit y 64-bit editions)
  • Microsoft Office
    • 2010 Service Pack 2 (32-bit y 64-bit editions)
    • 2013 RT Service Pack 1
    • 2013 Service Pack 1 (32-bit y 64-bit editions)
    • 2016 (32-bit y 64-bit editions)
    • 2016 for Mac
    • 2019 (32-bit y 64-bit editions)
    • 2019 for Mac
  • Microsoft Powerpoint
    • 2010 Service Pack 2 (32-bit y 64-bit editions)
    • 2013 RT Service Pack 1
    • 2013 Service Pack 1 (32-bit y 64-bit editions)
    • 2016 (32-bit y 64-bit editions)
  • Microsoft Visual Studio
    • 2017 versión 15.0 -15.9, 16.0
    • 2019 versión 16.0 – 16.4
  • Microsoft Visual Studio Live Share extension
  • Microsoft Windows XP Service Pack 3
  • Microsoft Word
    • 2010 Service Pack 2 (32-bit y 64-bit editions)
    • 2013 RT Service Pack 1
    • 2013 Service Pack 1 (32-bit y 64-bit editions)
    • 2016 (32-bit y 64-bit editions)
  • Office 365 ProPlus (para sistemas de 32-bit y 64-bit)
  • Power BI Report Server
  • Skype for Business Server 2019  CU2
  • SQL Server 2017 Reporting Services
  • SQL Server 2019 Reporting Services
  • Windows 10
    • Version 1607, 1703, 1709, 1803, 1809, 1903, para 32 y 64 bit
  • Windows 7
    • 32-bit Systems Service Pack 1
    • x64-based Systems Service Pack 1
  • Windows 8.1
    • 32-bit systems
    • x64-based systems
  • Windows Defender
  • Windows RT 8.1
  • Windows Server 2008
    • 32-bit Systems Service Pack 2
    • 32-bit Systems Service Pack 2 (Server Core installation)
    • Itanium-Based Systems Service Pack 2
    • x64-based Systems Service Pack 2
    • x64-based Systems Service Pack 2 (Server Core installation)
    • R2 for Itanium-Based Systems Service Pack 1
    • R2 for x64-based Systems Service Pack 1
    • R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows Server 2012
    • 2012
    • Server Core installation
    • R2 y R2 (Server Core installation)
  • Windows Server 2016
    • 2016
    • Server Core installation
  • Windows Server 2019
    • 2019
    • Server Core installation
  • Windows Server
    • version 1803 (Server Core Installation)
    • version 1903 (Server Core installation)

Mitigación

Aplicar las actualizaciones publicadas por el fabricante.

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2019-Dec

Enlace

https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2019-Dec

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1332

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1349

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1350

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1351

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1352

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1354

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1387

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1400

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1453

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1461

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1462

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1463

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1464

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1465

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1466

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1467

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1468

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1469

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1470

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1471

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1472

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1474

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1476

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1477

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1478

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1480

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1481

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1483

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1484

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1485

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1486

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1487

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1488

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1489

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1490

Informe

El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA-00099-001.docx