9VSA24-00983-01 CSIRT comparte vulnerabilidades parchadas en el Update Tuesday de Microsoft para marzo 2024
El CSIRT de Gobierno comparte información de las vulnerabilidades parchadas en la actualización de seguridad mensual de Microsoft, Update Tuesday, correspondiente a marzo de 2024.
Resumen
El CSIRT de Gobierno comparte información de las vulnerabilidades parchadas en la actualización de seguridad mensual de Microsoft, Update Tuesday, correspondiente a marzo de 2024.
Vulnerabilidades
Impacto
Vulnerabilidades de riesgo crítico:
CVE-2024-21408: Vulnerabilidad de denegación de servicio en Windows Hyper-V. CVSS: 5.5.
CVE-2024-21407: Vulnerabilidad de denegación de servicio en Windows Hyper-V. CVSS: 8.1.
Mitigación
Implementar los parches correspondientes. Detalles y enlaces de descarga en https://msrc.microsoft.com/update-guide/.
Productos afectados
.NET 7.0
.NET 8.0
Azure Automation
Azure Automation Update Management
Azure Data Studio
Azure Kubernetes Service Confidential Containers
Azure SDK
Azure Security Center
Azure Sentinel
Container Monitoring Solution
Intune Company Portal for Android
Log Analytics Agent
Microsoft 365 Apps for Enterprise for 64-bit Systems
Microsoft Authenticator
Microsoft Dynamics 365 (on-premises) version 9.1
Microsoft Exchange Server 2016 Cumulative Update 23
Microsoft Exchange Server 2019 Cumulative Update 13
Microsoft Exchange Server 2019 Cumulative Update 14
Microsoft Outlook for Android
Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Server 2019
Microsoft SharePoint Server Subscription Edition
Microsoft Teams for Android
Microsoft Visual Studio 2022 version 17.4
Microsoft Visual Studio 2022 version 17.6
Microsoft Visual Studio 2022 version 17.8
Microsoft Visual Studio 2022 version 17.9
Open Management Infrastructure
Operations Management Suite Agent for Linux (OMS)
Product
Skype for Consumer
Software for Open Networking in the Cloud (SONiC) 201811
Software for Open Networking in the Cloud (SONiC) 201911
Software for Open Networking in the Cloud (SONiC) 202012
Software for Open Networking in the Cloud (SONiC) 202205
SQL Server backend for Django
System Center Operations Manager (SCOM) 2019
System Center Operations Manager (SCOM) 2022
Visual Studio Code
Windows 10 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 11 version 21H2 for x64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 11 Version 22H2 for x64-based Systems
Windows 11 Version 23H2 for ARM64-based Systems
Windows 11 Version 23H2 for x64-based Systems
Windows Defender Antimalware Platform
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows Server 2019
Windows Server 2019 (Server Core installation)
Windows Server 2022
Windows Server 2022 (Server Core installation)
Windows Server 2022, 23H2 Edition (Server Core installation)
Enlaces
https://msrc.microsoft.com/update-guide/releaseNote/2024-Mar
Informe
El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA24-00983-01.