CSIRT Panamá Aviso 2018-02-19 Microsoft libera actualizaciones para 50 vulnerabilidades
Gravedad: Alta
Fecha de publicación: Febrero 19, 2018
Fecha de modificación: Febrero 13, 2018
Última revisión: Revisión Browsers.
https://portal.msrc.microsoft.com/en-us/security-guidance
Sistemas Afectados:
Side-Channel
Adobe Flash Player
Common Log File System Driver
Device Guard
Graphic Fonts
Internet Explorer
Microsoft Browsers
Microsoft Edge
Microsoft Office
Microsoft Scripting Engine
Microsoft Windows
Windows Kernel
Windows SMB Server
I. Descripción
Microsoft ha liberado actualizaciones que cubren 50 vulnerabilidades.
II. Impacto
Estas correcciones o parches estan detalladas en la tabla a continuacion
| Tag | CVE ID | CVE Title |
|---|---|---|
| Side-Channel | ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities |
| Adobe Flash Player | ADV180004 | February 2018 Adobe Flash Security Update |
| Common Log File System Driver | CVE-2018-0844 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| Common Log File System Driver | CVE-2018-0846 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| Device Guard | CVE-2018-0827 | Windows Security Feature Bypass Vulnerability |
| Graphic Fonts | CVE-2018-0855 | Windows EOT Font Engine Information Disclosure Vulnerability |
| Graphic Fonts | CVE-2018-0755 | Windows EOT Font Engine Information Disclosure Vulnerability |
| Graphic Fonts | CVE-2018-0760 | Windows EOT Font Engine Information Disclosure Vulnerability |
| Graphic Fonts | CVE-2018-0761 | Windows EOT Font Engine Information Disclosure Vulnerability |
| Internet Explorer | CVE-2018-0866 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Browsers | CVE-2018-0840 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Edge | CVE-2018-0839 | Microsoft Edge Information Disclosure Vulnerability |
| Microsoft Edge | CVE-2018-0771 | Microsoft Edge Security Feature Bypass Vulnerability |
| Microsoft Edge | CVE-2018-0763 | Microsoft Edge Information Disclosure Vulnerability |
| Microsoft Office | CVE-2018-0869 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| Microsoft Office | CVE-2018-0864 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| Microsoft Office | CVE-2018-0852 | Microsoft Outlook Memory Corruption Vulnerability |
| Microsoft Office | CVE-2018-0851 | Microsoft Office Memory Corruption Vulnerability |
| Microsoft Office | CVE-2018-0850 | Microsoft Outlook Elevation of Privilege Vulnerability |
| Microsoft Office | CVE-2018-0853 | Microsoft Office Information Disclosure Vulnerability |
| Microsoft Office | CVE-2018-0841 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0859 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0860 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0861 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0858 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0836 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0835 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0837 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0838 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0856 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0857 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2018-0834 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Windows | CVE-2018-0822 | Windows NTFS Global Reparse Point Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2018-0823 | Named Pipe File System Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2018-0825 | StructuredQuery Remote Code Execution Vulnerability |
| Microsoft Windows | CVE-2018-0828 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2018-0826 | Windows Storage Services Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2018-0821 | Windows AppContainer Elevation Of Privilege Vulnerability |
| Microsoft Windows | CVE-2018-0847 | Windows Scripting Engine Memory Corruption Vulnerability |
| Microsoft Windows | CVE-2018-0820 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0831 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0832 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0830 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0829 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0757 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0742 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0756 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0809 | Windows Kernel Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2018-0810 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0843 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2018-0842 | Windows Remote Code Execution Vulnerability |
| Windows SMB Server | CVE-2018-0833 | Windows Denial of Service Vulnerability |
III. Referencia a soluciones, herramientas e información
Se recomienda actualizar Windows utilizando la herramienta de Windows update o WSUS para Windows server.
https://www.microsoft.com/en-us/security/pc-security/malware-removal.aspx
Instale los parches tan pronto como estén disponibles.
Ejecute todo el software con los menos privilegios requeridos mientras se mantiene la funcionalidad.
Para mas referencias seguir el siguiente enlace https://portal.msrc.microsoft.com/en-us/security-guidance
IV. Información de contacto
CSIRT PANAMA
Computer Security Incident Response Team Autoridad Nacional para la
Innovacion Gubernamental
E-Mail: info@cert.pa
Phone: +507 520-CERT (2378)
Web: https://cert.pa
Twitter: @CSIRTPanama
Facebook: http://www.facebook.com/CSIRTPanama
Key ID: 16F2B124