{"id":1075,"date":"2017-10-12T08:42:15","date_gmt":"2017-10-12T13:42:15","guid":{"rendered":"https:\/\/cert.pa\/?p=1075"},"modified":"2017-10-12T08:42:15","modified_gmt":"2017-10-12T13:42:15","slug":"microsoft-libera-actualizaciones-para-62-vulnerabilidades","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=1075","title":{"rendered":"Microsoft libera actualizaciones para 62 vulnerabilidades"},"content":{"rendered":"

CSIRT Panam\u00e1 Aviso 2017-10-11 Microsoft libera actualizaciones para 62 vulnerabilidades
\nGravedad: Alta
\nFecha de publicaci\u00f3n: Octubre 12, 2017
\nFecha de modificaci\u00f3n: Octubre 11, 2017
\n\u00daltima revisi\u00f3n: Revisi\u00f3n A.<\/p>\n

https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance
\nSistemas Afectados:
\nMicrosoft Internet Explorer and Edge
\nMicrosoft Office
\n.NET Framework
\nWindows Kernel
\nWindows Hyper-V
\nMicrosoft Windows
\nMicrosoft Graphics Component
\nMicrosoft Office
\nWindows DHCP Server
\nWindows Hyper-V
\nWindows NetBIOS
\nWindows Kernel-Mode Drivers
\nWindows DHCP Server
\nMicrosoft Windows PDF<\/p>\n

I. Descripci\u00f3n
\nMicrosoft ha liberado actualizaciones que cubren 82 vulnerabilidades.<\/p>\n

II. Impacto
\nEstas correcciones o parches estan detalladas en la tabla a continuacion<\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Tag<\/th>\nCVE ID<\/th>\nCVE Title<\/th>\n<\/tr>\n
Device Guard<\/td>\nCVE-2017-8715<\/a><\/td>\nWindows Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Device Guard<\/td>\nCVE-2017-11823<\/a><\/td>\nMicrosoft Windows Security Feature Bypass<\/td>\n<\/tr>\n
Internet Explorer<\/td>\nCVE-2017-11790<\/a><\/td>\nInternet Explorer Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Internet Explorer<\/td>\nCVE-2017-11810<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Internet Explorer<\/td>\nCVE-2017-11822<\/a><\/td>\nInternet Explorer Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Internet Explorer<\/td>\nCVE-2017-11813<\/a><\/td>\nInternet Explorer Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2017-8726<\/a><\/td>\nMicrosoft Edge Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2017-11794<\/a><\/td>\nMicrosoft Edge Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2017-11816<\/a><\/td>\nWindows GDI Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2017-11763<\/a><\/td>\nMicrosoft Graphics Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2017-11762<\/a><\/td>\nMicrosoft Graphics Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2017-11824<\/a><\/td>\nWindows Graphics Component Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2017-8693<\/a><\/td>\nMicrosoft Graphics Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft JET Database Engine<\/td>\nCVE-2017-8718<\/a><\/td>\nMicrosoft JET Database Engine Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft JET Database Engine<\/td>\nCVE-2017-8717<\/a><\/td>\nMicrosoft JET Database Engine Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11776<\/a><\/td>\nMicrosoft Outlook Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11775<\/a><\/td>\nMicrosoft Office SharePoint XSS Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11774<\/a><\/td>\nMicrosoft Outlook Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11777<\/a><\/td>\nMicrosoft Office SharePoint XSS Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11826<\/a><\/td>\nMicrosoft Office Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11825<\/a><\/td>\nMicrosoft Office Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nADV170017<\/a><\/td>\nOffice Defense in Depth Update<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11786<\/a><\/td>\nSkype for Business Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11820<\/a><\/td>\nMicrosoft Office SharePoint XSS Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11798<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11799<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11809<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11796<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11797<\/a><\/td>\nScripting Engine Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11806<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11800<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11808<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11807<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11805<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11804<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11811<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11801<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11802<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11812<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11821<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11793<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11792<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2017-11818<\/a><\/td>\nWindows Storage Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nADV170016<\/a><\/td>\nWindows Server 2008 Defense in Depth<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2017-11783<\/a><\/td>\nWindows Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2017-11769<\/a><\/td>\nTRIE Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows DNS<\/td>\nCVE-2017-11779<\/a><\/td>\nWindows DNSAPI Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows Search Component<\/td>\nCVE-2017-11772<\/a><\/td>\nMicrosoft Search Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows Search Component<\/td>\nCVE-2017-11771<\/a><\/td>\nWindows Search Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2017-11784<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2017-11817<\/a><\/td>\nWindows Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2017-11814<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2017-11765<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2017-11785<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel-Mode Drivers<\/td>\nCVE-2017-8694<\/a><\/td>\nWin32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows Kernel-Mode Drivers<\/td>\nCVE-2017-8689<\/a><\/td>\nWin32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows NTLM<\/td>\nADV170014<\/a><\/td>\nOptional Windows NTLM SSO authentication changes<\/td>\n<\/tr>\n
Windows Shell<\/td>\nCVE-2017-8727<\/a><\/td>\nWindows Shell Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Windows Shell<\/td>\nCVE-2017-11819<\/a><\/td>\nWindows Shell Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Windows SMB Server<\/td>\nCVE-2017-11815<\/a><\/td>\nWindows SMB Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows SMB Server<\/td>\nCVE-2017-11782<\/a><\/td>\nWindows SMB Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows SMB Server<\/td>\nCVE-2017-11781<\/a><\/td>\nWindows SMB Denial of Service Vulnerability<\/td>\n<\/tr>\n
Windows SMB Server<\/td>\nCVE-2017-11780<\/a><\/td>\nWindows SMB Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Windows Subsystem for Linux<\/td>\nCVE-2017-8703<\/a><\/td>\nWindows Subsystem for Linux Denial of Service Vulnerability<\/td>\n<\/tr>\n
Windows TPM<\/td>\nADV170012<\/a><\/td>\nVulnerability in TPM could allow Security Feature Bypass<\/td>\n<\/tr>\n
Windows Update<\/td>\nCVE-2017-11829<\/a><\/td>\nWindows Update Delivery Optimization Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

III. Referencia a soluciones, herramientas e informaci\u00f3n<\/p>\n

Se recomienda actualizar Windows utilizando la herramienta de Windows update o WSUS para Windows server.
\nhttps:\/\/www.microsoft.com\/en-us\/security\/pc-security\/malware-removal.aspx
\nInstale los parches tan pronto como est\u00e9n disponibles.
\nEjecute todo el software con los menos privilegios requeridos mientras se mantiene la funcionalidad.
\nPara mas referencias seguir el siguiente enlace https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance<\/p>\n

IV. Informaci\u00f3n de contacto
\nCSIRT PANAMA
\nComputer Security Incident Response Team Autoridad Nacional para la
\nInnovacion Gubernamental
\nE-Mail: info@cert.pa
\nPhone: +507 520-CERT (2378)
\nWeb: https:\/\/cert.pa
\nTwitter: @CSIRTPanama
\nFacebook: http:\/\/www.facebook.com\/CSIRTPanama
\nKey ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"

CSIRT Panam\u00e1 Aviso 2017-10-11 Microsoft libera actualizaciones para 62 vulnerabilidades Gravedad: Alta Fecha de publicaci\u00f3n: Octubre 12, 2017 Fecha de modificaci\u00f3n: Octubre 11, 2017 \u00daltima revisi\u00f3n: Revisi\u00f3n A. https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance Sistemas Afectados: Microsoft Internet Explorer and…<\/p>\n","protected":false},"author":5,"featured_media":414,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[76,72,36,74,99,21,9,92,73,98,68],"class_list":["post-1075","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-actualizaciones","tag-avisos-de-seguridad","tag-boletin","tag-boletines","tag-edge","tag-internet-explorer","tag-microsoft","tag-office","tag-parches","tag-patch-tuesday","tag-vulnerabilidades"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1075","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1075"}],"version-history":[{"count":2,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1075\/revisions"}],"predecessor-version":[{"id":1077,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1075\/revisions\/1077"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/414"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1075"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1075"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1075"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}