Vulnerabilidades
.NET and Visual Studio
Microsoft Office Excel
Windows Update Stack
Servicing Stack Updates
Windows Routing and Remote Access Service (RRAS)
Windows Kerberos
Microsoft Office Outlook
Windows Compressed Folder
Microsoft WDAC OLE DB provider for SQL
Windows Secure Boot
Windows DWM Core Library
Windows Kernel
Line Printer Daemon Service (LPD)
Microsoft Teams
Azure CycleCloud
Windows TCP/IP
Microsoft Streaming Service
Windows NT OS Kernel
Microsoft Dynamics
Windows Kernel-Mode Drivers
Microsoft Office
Microsoft Update Tuesday 2024 Agosto
Update Tuesday Agosto 2024
Azure Stack
Microsoft Office Project
Microsoft Local Security Authority Server (lsasrv)
Microsoft Windows DNS
Microsoft Office Visio
Windows WLAN Auto Config Service
Windows App Installer
Visual Studio
Windows Deployment Services
Windows Security Center
Windows Network Virtualization
Windows Cloud Files Mini Filter Driver
Reliable Multicast Transport Driver (RMCAST)
Windows Layer-2 Bridge Network Driver
Azure IoT SDK
Windows Resource Manager
Windows Clipboard Virtual Channel Extension
Windows Mobile Broadband
Windows Common Log File System Driver
Microsoft Bluetooth Driver
Microsoft Office PowerPoint
Microsoft Edge (Chromium-based)
Windows Print Spooler Components
Windows NTFS
Windows Mark of the Web (MOTW)
Windows Network Address Translation (NAT)
Azure Health Bot
Windows Initial Machine Configuration
Windows Ancillary Function Driver for WinSock
Windows Scripting
Windows IP Routing Management Snapin
Azure Connected Machine Agent
Windows Transport Security Layer (TLS)
Windows Secure Kernel Mode
Windows Power Dependency Coordinator
Windows SmartScreen

Compartir:

Facebook Twitter Mastodon Telegram Twitter WhatsApp

Microsoft Update Tuesday 2024 Agosto - Vulnerabilidades

VSA24-01060

Desde el CSIRT de Gobierno informamos frecuentemente de vulnerabilidades importantes que pueden afectar sus aplicaciones, datos o equipos.

Preview VSA24-01060

En esta ocasión compartimos la información publicada por Microsoft como parte de su paquete de parches Update Tuesday de agosto de 2024. Se trata de parches para 89 vulnerabilidades, incluyendo 9 de día cero.

Vulnerabilidades

ID CVSS EPSS
CVE-2024-38155 5.5 0.0480%
CVE-2024-38154 8.8 0.1060%
CVE-2024-38137 7.0 0.0540%
CVE-2024-38136 7.0 0.0540%
CVE-2024-38135 7.8 0.0480%
CVE-2024-38134 7.8 0.0430%
CVE-2024-38133 7.8 0.0480%
CVE-2024-38132 7.5 0.0630%
CVE-2024-38131 8.8 0.1060%
CVE-2024-38130 8.8 0.1060%
CVE-2024-38128 8.8 0.1060%
CVE-2024-38127 7.8 0.1460%
CVE-2024-38126 7.5 0.2330%
CVE-2024-38125 7.8 0.0480%
CVE-2024-38123 4.4 0.0480%
CVE-2024-38122 5.5 0.0430%
CVE-2024-38121 8.8 0.1060%
CVE-2024-38120 8.8 0.1060%
CVE-2024-38118 5.5 0.0430%
CVE-2024-38117 7.8 0.0480%
CVE-2024-38116 8.8 0.0460%
CVE-2024-38115 8.8 0.1060%
CVE-2024-38114 8.8 0.1060%
CVE-2024-38109 9.1 0.0930%
CVE-2024-38108 9.3 0.1810%
CVE-2024-38107 7.8 0.0430%
CVE-2024-38106 7.0 0.0430%
CVE-2024-38098 7.8 0.0480%
CVE-2024-38223 6.8 0.0510%
CVE-2024-38222 6.5 0.0920%
CVE-2024-38215 7.8 0.0480%
CVE-2024-38214 6.5 0.0920%
CVE-2024-38213 6.5 1.1370%
CVE-2024-38211 8.2 0.1110%
CVE-2024-38201 7.0 0.0500%
CVE-2024-38200 6.5 0.2760%
CVE-2024-38199 9.8 0.1140%
CVE-2024-38198 7.5 0.0460%
CVE-2024-38197 6.5 0.0630%
CVE-2024-38196 7.8 0.0480%
CVE-2024-38195 7.8 0.0480%
CVE-2024-38193 7.8 0.0430%
CVE-2024-38191 7.8 0.0480%
CVE-2024-38189 8.8 1.2370%
CVE-2024-38187 7.8 0.0480%
CVE-2024-38186 7.8 0.0480%
CVE-2024-38185 7.8 0.0480%
CVE-2024-38178 7.5 1.6460%
CVE-2024-38177 7.8 0.0500%
CVE-2024-38184 7.8 0.0480%
CVE-2024-38180 8.8 0.1060%
CVE-2024-38173 6.7 0.0530%
CVE-2024-38172 7.8 0.0500%
CVE-2024-38171 7.8 0.0510%
CVE-2024-38170 7.1 0.0500%
CVE-2024-38169 7.8 0.0500%
CVE-2024-38153 7.8 0.0480%
CVE-2024-38152 7.8 0.0500%
CVE-2024-38151 5.5 0.0480%
CVE-2024-38150 7.8 0.0590%
CVE-2024-38148 7.5 0.0630%
CVE-2024-38147 7.8 0.0590%
CVE-2024-38146 7.5 0.2330%
CVE-2024-38145 7.5 0.2330%
CVE-2024-38144 8.8 0.0460%
CVE-2024-38143 4.2 0.0500%
CVE-2024-38142 7.8 0.0480%
CVE-2024-38141 7.8 0.0590%
CVE-2024-38140 9.8 0.1140%
CVE-2024-38138 7.5 0.0460%
CVE-2024-38168 7.5 0.0630%
CVE-2024-38167 6.5 0.0920%
CVE-2024-38165 6.5 0.0730%
CVE-2024-38163 7.8 0.0460%
CVE-2024-38162 7.8 0.0480%
CVE-2024-38084 7.8 0.0480%
CVE-2024-38063 9.8 0.0990%
CVE-2024-37968 7.5 0.0990%
CVE-2024-29995 8.1 0.1110%
CVE-2024-29187 7.3 0.0450%
CVE-2024-21302 6.7 0.0430%
CVE-2023-40547 8.3 0.6490%
CVE-2022-3775 7.1 0.0440%
CVE-2022-2601 8.6 0.0750%
CVE-2024-38161 6.8 0.0510%
CVE-2024-38160 9.1 0.0460%
CVE-2024-38159 9.1 0.0450%
CVE-2024-38158 7.0 0.0590%
CVE-2024-38157 7.0 0.0480%

Versiones Afectadas

Producto Versiones
Windows Transport Security Layer (TLS)
Windows Kernel
Windows DWM Core Library
Windows Secure Kernel Mode
Windows NTFS
Windows Mobile Broadband
Windows TCP/IP
Microsoft Office Outlook
Windows Deployment Services
Microsoft Dynamics
Microsoft Streaming Service
Microsoft Edge (Chromium-based)
Windows NT OS Kernel
Servicing Stack Updates
Windows Power Dependency Coordinator
Windows Common Log File System Driver
Windows SmartScreen
Microsoft Teams
Windows Compressed Folder
Windows Kernel-Mode Drivers
Microsoft Office
Azure Stack
Microsoft Office Project
Windows Update Stack
Microsoft Local Security Authority Server (lsasrv)
Microsoft Windows DNS
Azure CycleCloud
Microsoft Office Visio
.NET and Visual Studio
Line Printer Daemon Service (LPD)
Visual Studio
Microsoft Office Excel
Windows WLAN Auto Config Service
Windows Security Center
Windows Network Virtualization
Reliable Multicast Transport Driver (RMCAST)
Windows Layer-2 Bridge Network Driver
Windows Cloud Files Mini Filter Driver
Azure IoT SDK
Windows Routing and Remote Access Service (RRAS)
Windows App Installer
Windows Resource Manager
Windows Clipboard Virtual Channel Extension
Windows Kerberos
Microsoft Bluetooth Driver
Windows Secure Boot
Microsoft Office PowerPoint
Windows Print Spooler Components
Windows Mark of the Web (MOTW)
Windows Network Address Translation (NAT)
Windows Initial Machine Configuration
Windows Ancillary Function Driver for WinSock
Azure Health Bot
Microsoft WDAC OLE DB provider for SQL
Windows Scripting
Windows IP Routing Management Snapin
Azure Connected Machine Agent

Mitigación

Información sobre parches: https://msrc.microsoft.com/update-guide/releaseNote/2024-Aug