CSIRT Panamá Aviso 2024-feb-15 Microsoft publica actualizaciones que corrigen 73 fallas y 2 dia cero

TOPICS:

Posted By: CSIRT Panamá February 15, 2024

CSIRT Panamá Aviso 2024-feb-15 Microsoft publica actualizaciones que corrigen 73 fallas y 2 dia cero
Gravedad: Alta
Fecha de publicación: Febrero 15, 2024
Última revisión: Febrero 15, 2024
https://msrc.microsoft.com/update-guide/releaseNote/2024-Feb

Sistemas Afectados:
Azure DevOps
Microsoft Office
Azure Stack
Windows Hyper-V
Skype for Business
Trusted Compute Base
Microsoft Defender for Endpoint
Microsoft Dynamics
Azure Connected Machine Agent
Windows Kernel
Windows USB Serial Driver
Role: DNS Server
Windows Internet Connection Sharing (ICS)
Windows Win32K – ICOMP
SQL Server
Microsoft ActiveX
Microsoft WDAC OLE DB provider for SQL
Windows SmartScreen
Microsoft WDAC ODBC Driver
Windows Message Queuing
Windows LDAP – Lightweight Directory Access Protocol
Azure Site Recovery
Windows OLE
Microsoft Teams for Android
Microsoft Azure Kubernetes Service
Microsoft Windows DNS
Microsoft Office Outlook
Microsoft Office Word
Azure Active Directory
Microsoft Office OneNote
.NET
Azure File Sync
Microsoft Edge (Chromium-based)
Microsoft Windows
Microsoft Exchange Server
Internet Shortcut Files

I. Descripción

El Patch Tuesday de Febrero consiste en actualizaciones de seguridad para los siguientes aplicativos:

TagCVE IDCVE TitleSeverity
.NETCVE-2024-21386.NET Denial of Service VulnerabilityImportant
.NETCVE-2024-21404.NET Denial of Service VulnerabilityImportant
Azure Active DirectoryCVE-2024-21401Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege VulnerabilityImportant
Azure Active DirectoryCVE-2024-21381Microsoft Azure Active Directory B2C Spoofing VulnerabilityImportant
Azure Connected Machine AgentCVE-2024-21329Azure Connected Machine Agent Elevation of Privilege VulnerabilityImportant
Azure DevOpsCVE-2024-20667Azure DevOps Server Remote Code Execution VulnerabilityImportant
Azure File SyncCVE-2024-21397Microsoft Azure File Sync Elevation of Privilege VulnerabilityImportant
Azure Site RecoveryCVE-2024-21364Microsoft Azure Site Recovery Elevation of Privilege VulnerabilityModerate
Azure StackCVE-2024-20679Azure Stack Hub Spoofing VulnerabilityImportant
Internet Shortcut FilesCVE-2024-21412Internet Shortcut Files Security Feature Bypass VulnerabilityImportant
MarinerCVE-2024-21626UnknownUnknown
Microsoft ActiveXCVE-2024-21349Microsoft ActiveX Data Objects Remote Code Execution VulnerabilityImportant
Microsoft Azure Kubernetes ServiceCVE-2024-21403Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege VulnerabilityImportant
Microsoft Azure Kubernetes ServiceCVE-2024-21376Microsoft Azure Kubernetes Service Confidential Container Remote Code Execution VulnerabilityImportant
Microsoft Defender for EndpointCVE-2024-21315Microsoft Defender for Endpoint Protection Elevation of Privilege VulnerabilityImportant
Microsoft DynamicsCVE-2024-21393Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportant
Microsoft DynamicsCVE-2024-21389Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportant
Microsoft DynamicsCVE-2024-21395Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityImportant
Microsoft DynamicsCVE-2024-21380Microsoft Dynamics Business Central/NAV Information Disclosure VulnerabilityCritical
Microsoft DynamicsCVE-2024-21328Dynamics 365 Sales Spoofing VulnerabilityImportant
Microsoft DynamicsCVE-2024-21394Dynamics 365 Field Service Spoofing VulnerabilityImportant
Microsoft DynamicsCVE-2024-21396Dynamics 365 Sales Spoofing VulnerabilityImportant
Microsoft DynamicsCVE-2024-21327Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting VulnerabilityImportant
Microsoft Edge (Chromium-based)CVE-2024-1284Chromium: CVE-2024-1284 Use after free in MojoUnknown
Microsoft Edge (Chromium-based)CVE-2024-21399Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilityModerate
Microsoft Edge (Chromium-based)CVE-2024-1060Chromium: CVE-2024-1060 Use after free in CanvasUnknown
Microsoft Edge (Chromium-based)CVE-2024-1077Chromium: CVE-2024-1077 Use after free in NetworkUnknown
Microsoft Edge (Chromium-based)CVE-2024-1283Chromium: CVE-2024-1283 Heap buffer overflow in SkiaUnknown
Microsoft Edge (Chromium-based)CVE-2024-1059Chromium: CVE-2024-1059 Use after free in WebRTCUnknown
Microsoft Exchange ServerCVE-2024-21410Microsoft Exchange Server Elevation of Privilege VulnerabilityCritical
Microsoft OfficeCVE-2024-21413Microsoft Outlook Remote Code Execution VulnerabilityCritical
Microsoft OfficeCVE-2024-20673Microsoft Office Remote Code Execution VulnerabilityImportant
Microsoft Office OneNoteCVE-2024-21384Microsoft Office OneNote Remote Code Execution VulnerabilityImportant
Microsoft Office OutlookCVE-2024-21378Microsoft Outlook Remote Code Execution VulnerabilityImportant
Microsoft Office OutlookCVE-2024-21402Microsoft Outlook Elevation of Privilege VulnerabilityImportant
Microsoft Office WordCVE-2024-21379Microsoft Word Remote Code Execution VulnerabilityImportant
Microsoft Teams for AndroidCVE-2024-21374Microsoft Teams for Android Information DisclosureImportant
Microsoft WDAC ODBC DriverCVE-2024-21353Microsoft WDAC ODBC Driver Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21370Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21350Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21368Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21359Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21365Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21367Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21420Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21366Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21369Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21375Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21361Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21358Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21391Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21360Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WDAC OLE DB provider for SQLCVE-2024-21352Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityImportant
Microsoft WindowsCVE-2024-21406Windows Printing Service Spoofing VulnerabilityImportant
Microsoft Windows DNSCVE-2024-21377Windows DNS Information Disclosure VulnerabilityImportant
Role: DNS ServerCVE-2023-50387MITRE: CVE-2023-50387 DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolversImportant
Role: DNS ServerCVE-2024-21342Windows DNS Client Denial of Service VulnerabilityImportant
Skype for BusinessCVE-2024-20695Skype for Business Information Disclosure VulnerabilityImportant
SQL ServerCVE-2024-21347Microsoft ODBC Driver Remote Code Execution VulnerabilityImportant
Trusted Compute BaseCVE-2024-21304Trusted Compute Base Elevation of Privilege VulnerabilityImportant
Windows Hyper-VCVE-2024-20684Windows Hyper-V Denial of Service VulnerabilityCritical
Windows Internet Connection Sharing (ICS)CVE-2024-21343Windows Network Address Translation (NAT) Denial of Service VulnerabilityImportant
Windows Internet Connection Sharing (ICS)CVE-2024-21348Internet Connection Sharing (ICS) Denial of Service VulnerabilityImportant
Windows Internet Connection Sharing (ICS)CVE-2024-21357Windows Pragmatic General Multicast (PGM) Remote Code Execution VulnerabilityCritical
Windows Internet Connection Sharing (ICS)CVE-2024-21344Windows Network Address Translation (NAT) Denial of Service VulnerabilityImportant
Windows KernelCVE-2024-21371Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2024-21338Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2024-21341Windows Kernel Remote Code Execution VulnerabilityImportant
Windows KernelCVE-2024-21345Windows Kernel Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2024-21362Windows Kernel Security Feature Bypass VulnerabilityImportant
Windows KernelCVE-2024-21340Windows Kernel Information Disclosure VulnerabilityImportant
Windows LDAP – Lightweight Directory Access ProtocolCVE-2024-21356Windows Lightweight Directory Access Protocol (LDAP) Denial of Service VulnerabilityImportant
Windows Message QueuingCVE-2024-21363Microsoft Message Queuing (MSMQ) Remote Code Execution VulnerabilityImportant
Windows Message QueuingCVE-2024-21355Microsoft Message Queuing (MSMQ) Elevation of Privilege VulnerabilityImportant
Windows Message QueuingCVE-2024-21405Microsoft Message Queuing (MSMQ) Elevation of Privilege VulnerabilityImportant
Windows Message QueuingCVE-2024-21354Microsoft Message Queuing (MSMQ) Elevation of Privilege VulnerabilityImportant
Windows OLECVE-2024-21372Windows OLE Remote Code Execution VulnerabilityImportant
Windows SmartScreenCVE-2024-21351Windows SmartScreen Security Feature Bypass VulnerabilityModerate
Windows USB Serial DriverCVE-2024-21339Windows USB Generic Parent Driver Remote Code Execution VulnerabilityImportant
Windows Win32K – ICOMPCVE-2024-21346Win32k Elevation of Privilege VulnerabilityImportant

II. Referencia a soluciones, herramientas e información

Se recomienda actualizar los equipos utilizando windows update.

III. Información de contacto
CSIRT PANAMA
Computer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental
E-Mail: info@cert.pa
Phone: +507 520-CERT (2378)
Web: https://cert.pa
Twitter: @CSIRTPanama
Facebook: http://www.facebook.com/CSIRTPanama
Key ID: 16F2B124