CSIRT Panamá Aviso 2017-10-11 Microsoft libera actualizaciones para 62 vulnerabilidades
Gravedad: Alta
Fecha de publicación: Octubre 12, 2017
Fecha de modificación: Octubre 11, 2017
Última revisión: Revisión A.
https://portal.msrc.microsoft.com/en-us/security-guidance
Sistemas Afectados:
Microsoft Internet Explorer and Edge
Microsoft Office
.NET Framework
Windows Kernel
Windows Hyper-V
Microsoft Windows
Microsoft Graphics Component
Microsoft Office
Windows DHCP Server
Windows Hyper-V
Windows NetBIOS
Windows Kernel-Mode Drivers
Windows DHCP Server
Microsoft Windows PDF
I. Descripción
Microsoft ha liberado actualizaciones que cubren 82 vulnerabilidades.
II. Impacto
Estas correcciones o parches estan detalladas en la tabla a continuacion
| Tag | CVE ID | CVE Title |
|---|---|---|
| Device Guard | CVE-2017-8715 | Windows Security Feature Bypass Vulnerability |
| Device Guard | CVE-2017-11823 | Microsoft Windows Security Feature Bypass |
| Internet Explorer | CVE-2017-11790 | Internet Explorer Information Disclosure Vulnerability |
| Internet Explorer | CVE-2017-11810 | Scripting Engine Memory Corruption Vulnerability |
| Internet Explorer | CVE-2017-11822 | Internet Explorer Memory Corruption Vulnerability |
| Internet Explorer | CVE-2017-11813 | Internet Explorer Memory Corruption Vulnerability |
| Microsoft Edge | CVE-2017-8726 | Microsoft Edge Memory Corruption Vulnerability |
| Microsoft Edge | CVE-2017-11794 | Microsoft Edge Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2017-11816 | Windows GDI Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2017-11763 | Microsoft Graphics Remote Code Execution Vulnerability |
| Microsoft Graphics Component | CVE-2017-11762 | Microsoft Graphics Remote Code Execution Vulnerability |
| Microsoft Graphics Component | CVE-2017-11824 | Windows Graphics Component Elevation of Privilege Vulnerability |
| Microsoft Graphics Component | CVE-2017-8693 | Microsoft Graphics Information Disclosure Vulnerability |
| Microsoft JET Database Engine | CVE-2017-8718 | Microsoft JET Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2017-8717 | Microsoft JET Database Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2017-11776 | Microsoft Outlook Information Disclosure Vulnerability |
| Microsoft Office | CVE-2017-11775 | Microsoft Office SharePoint XSS Vulnerability |
| Microsoft Office | CVE-2017-11774 | Microsoft Outlook Security Feature Bypass Vulnerability |
| Microsoft Office | CVE-2017-11777 | Microsoft Office SharePoint XSS Vulnerability |
| Microsoft Office | CVE-2017-11826 | Microsoft Office Memory Corruption Vulnerability |
| Microsoft Office | CVE-2017-11825 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft Office | ADV170017 | Office Defense in Depth Update |
| Microsoft Office | CVE-2017-11786 | Skype for Business Elevation of Privilege Vulnerability |
| Microsoft Office | CVE-2017-11820 | Microsoft Office SharePoint XSS Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11798 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11799 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11809 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11796 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11797 | Scripting Engine Information Disclosure Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11806 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11800 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11808 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11807 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11805 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11804 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11811 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11801 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11802 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11812 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11821 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11793 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2017-11792 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Windows | CVE-2017-11818 | Windows Storage Security Feature Bypass Vulnerability |
| Microsoft Windows | ADV170016 | Windows Server 2008 Defense in Depth |
| Microsoft Windows | CVE-2017-11783 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2017-11769 | TRIE Remote Code Execution Vulnerability |
| Microsoft Windows DNS | CVE-2017-11779 | Windows DNSAPI Remote Code Execution Vulnerability |
| Microsoft Windows Search Component | CVE-2017-11772 | Microsoft Search Information Disclosure Vulnerability |
| Microsoft Windows Search Component | CVE-2017-11771 | Windows Search Remote Code Execution Vulnerability |
| Windows Kernel | CVE-2017-11784 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2017-11817 | Windows Information Disclosure Vulnerability |
| Windows Kernel | CVE-2017-11814 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2017-11765 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2017-11785 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel-Mode Drivers | CVE-2017-8694 | Win32k Elevation of Privilege Vulnerability |
| Windows Kernel-Mode Drivers | CVE-2017-8689 | Win32k Elevation of Privilege Vulnerability |
| Windows NTLM | ADV170014 | Optional Windows NTLM SSO authentication changes |
| Windows Shell | CVE-2017-8727 | Windows Shell Memory Corruption Vulnerability |
| Windows Shell | CVE-2017-11819 | Windows Shell Remote Code Execution Vulnerability |
| Windows SMB Server | CVE-2017-11815 | Windows SMB Information Disclosure Vulnerability |
| Windows SMB Server | CVE-2017-11782 | Windows SMB Elevation of Privilege Vulnerability |
| Windows SMB Server | CVE-2017-11781 | Windows SMB Denial of Service Vulnerability |
| Windows SMB Server | CVE-2017-11780 | Windows SMB Remote Code Execution Vulnerability |
| Windows Subsystem for Linux | CVE-2017-8703 | Windows Subsystem for Linux Denial of Service Vulnerability |
| Windows TPM | ADV170012 | Vulnerability in TPM could allow Security Feature Bypass |
| Windows Update | CVE-2017-11829 | Windows Update Delivery Optimization Elevation of Privilege Vulnerability |
III. Referencia a soluciones, herramientas e información
Se recomienda actualizar Windows utilizando la herramienta de Windows update o WSUS para Windows server.
https://www.microsoft.com/en-us/security/pc-security/malware-removal.aspx
Instale los parches tan pronto como estén disponibles.
Ejecute todo el software con los menos privilegios requeridos mientras se mantiene la funcionalidad.
Para mas referencias seguir el siguiente enlace https://portal.msrc.microsoft.com/en-us/security-guidance
IV. Información de contacto
CSIRT PANAMA
Computer Security Incident Response Team Autoridad Nacional para la
Innovacion Gubernamental
E-Mail: info@cert.pa
Phone: +507 520-CERT (2378)
Web: https://cert.pa
Twitter: @CSIRTPanama
Facebook: http://www.facebook.com/CSIRTPanama
Key ID: 16F2B124