{"id":1095,"date":"2017-11-16T08:33:15","date_gmt":"2017-11-16T13:33:15","guid":{"rendered":"https:\/\/cert.pa\/?p=1095"},"modified":"2017-11-16T09:10:41","modified_gmt":"2017-11-16T14:10:41","slug":"1095","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=1095","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2017-10-11 Microsoft libera actualizaciones para 53 vulnerabilidades"},"content":{"rendered":"

CSIRT Panam\u00e1 Aviso 2017-10-11 Microsoft libera actualizaciones para 53 vulnerabilidades
\nGravedad: Alta
\nFecha de publicaci\u00f3n: Noviembre 16, 2017
\nFecha de modificaci\u00f3n: Noviembre 15, 2017
\n\u00daltima revisi\u00f3n: Revisi\u00f3n A.
\nhttps:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance
\nSistemas Afectados:
\nASP.NET Core
\n.NET Framework
\nAdobe Flash Player
\nASP .NET
\nASP.NET
\nDevice Guard
\nInternet Explorer
\nMicrosoft Browsers
\nMicrosoft Edge
\nMicrosoft Graphics Component
\nMicrosoft Office
\nMicrosoft Scripting Engine
\nMicrosoft Windows Search Component
\nWindows Kernel
\nWindows Kernel-Mode Drivers
\nWindows Media Player<\/p>\n

I. Descripci\u00f3n
\nMicrosoft ha liberado actualizaciones que cubren 53 vulnerabilidades.<\/p>\n

II. Impacto
\nEstas correcciones o parches estan detalladas en la tabla a continuacion<\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Tag<\/th>\nCVE ID<\/th>\nCVE Title<\/th>\n<\/tr>\n
ASP.NET Core<\/td>\nCVE-2017-11883<\/a><\/td>\nASP.NET Core Denial Of Service Vulnerability<\/td>\n<\/tr>\n
.NET Framework<\/td>\nCVE-2017-11770<\/a><\/td>\n.NET CORE Denial Of Service Vulnerability<\/td>\n<\/tr>\n
Adobe Flash Player<\/td>\nADV170019<\/a><\/td>\nNovember 2017 Flash Security Updates<\/td>\n<\/tr>\n
ASP .NET<\/td>\nCVE-2017-8700<\/a><\/td>\nASP.NET Core Information Disclosure Vulnerability<\/td>\n<\/tr>\n
ASP.NET<\/td>\nCVE-2017-11879<\/a><\/td>\nASP.NET Core Elevation Of Privilege Vulnerability<\/td>\n<\/tr>\n
Device Guard<\/td>\nCVE-2017-11830<\/a><\/td>\nDevice Guard Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Internet Explorer<\/td>\nCVE-2017-11856<\/a><\/td>\nInternet Explorer Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Internet Explorer<\/td>\nCVE-2017-11855<\/a><\/td>\nInternet Explorer Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Internet Explorer<\/td>\nCVE-2017-11848<\/a><\/td>\nInternet Explorer Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Browsers<\/td>\nCVE-2017-11827<\/a><\/td>\nMicrosoft Browser Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2017-11845<\/a><\/td>\nMicrosoft Edge Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2017-11874<\/a><\/td>\nMicrosoft Edge Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2017-11872<\/a><\/td>\nMicrosoft Edge Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2017-11863<\/a><\/td>\nMicrosoft Edge Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2017-11833<\/a><\/td>\nMicrosoft Edge Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2017-11803<\/a><\/td>\nMicrosoft Edge Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2017-11844<\/a><\/td>\nMicrosoft Edge Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2017-11835<\/a><\/td>\nWindows EOT Font Engine Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2017-11832<\/a><\/td>\nWindows EOT Font Engine Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2017-11851<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2017-11852<\/a><\/td>\nWindows GDI Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2017-11850<\/a><\/td>\nMicrosoft Graphics Component Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11882<\/a><\/td>\nMicrosoft Office Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nADV170020<\/a><\/td>\nMicrosoft Office Defense in Depth Update<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11854<\/a><\/td>\nMicrosoft Word Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11884<\/a><\/td>\nMicrosoft Office Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11878<\/a><\/td>\nMicrosoft Excel Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11876<\/a><\/td>\nMicrosoft Project Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11877<\/a><\/td>\nMicrosoft Excel Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11862<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11858<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11846<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11869<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11866<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11837<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11839<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11861<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11841<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11873<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11834<\/a><\/td>\nScripting Engine Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11791<\/a><\/td>\nScripting Engine Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11871<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11870<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11840<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11843<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11836<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11838<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows Search Component<\/td>\nCVE-2017-11788<\/a><\/td>\nWindows Search Denial of Service Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2017-11880<\/a><\/td>\nWindows Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2017-11831<\/a><\/td>\nWindows Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2017-11847<\/a><\/td>\nWindows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows Kernel-Mode Drivers<\/td>\nCVE-2017-11853<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel-Mode Drivers<\/td>\nCVE-2017-11849<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel-Mode Drivers<\/td>\nCVE-2017-11842<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Media Player<\/td>\nCVE-2017-11768<\/a><\/td>\nWindows Media Player Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

III. Referencia a soluciones, herramientas e informaci\u00f3n<\/p>\n

Se recomienda actualizar Windows utilizando la herramienta de Windows update o WSUS para Windows server.
\nhttps:\/\/www.microsoft.com\/en-us\/security\/pc-security\/malware-removal.aspx
\nInstale los parches tan pronto como est\u00e9n disponibles.
\nEjecute todo el software con los menos privilegios requeridos mientras se mantiene la funcionalidad.
\nPara mas referencias seguir el siguiente enlace https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance<\/p>\n

IV. Informaci\u00f3n de contacto
\nCSIRT PANAMA
\nComputer Security Incident Response Team Autoridad Nacional para la
\nInnovacion Gubernamental
\nE-Mail: info@cert.pa
\nPhone: +507 520-CERT (2378)
\nWeb: https:\/\/cert.pa
\nTwitter: @CSIRTPanama
\nFacebook: http:\/\/www.facebook.com\/CSIRTPanama
\nKey ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"

CSIRT Panam\u00e1 Aviso 2017-10-11 Microsoft libera actualizaciones para 53 vulnerabilidades Gravedad: Alta Fecha de publicaci\u00f3n: Noviembre 16, 2017 Fecha de modificaci\u00f3n: Noviembre 15, 2017 \u00daltima revisi\u00f3n: Revisi\u00f3n A. https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance Sistemas Afectados: ASP.NET Core .NET Framework…<\/p>\n","protected":false},"author":5,"featured_media":414,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[76,43,8,72,44,36,74,49,21,9,73,64,80,68,45,94],"class_list":["post-1095","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-actualizaciones","tag-alertas","tag-avisos","tag-avisos-de-seguridad","tag-bolentin","tag-boletin","tag-boletines","tag-ciberseguridad","tag-internet-explorer","tag-microsoft","tag-parches","tag-seguridad","tag-vulnerabilidad","tag-vulnerabilidades","tag-windows","tag-windows-update"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1095","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1095"}],"version-history":[{"count":5,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1095\/revisions"}],"predecessor-version":[{"id":1100,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1095\/revisions\/1100"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/414"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1095"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1095"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1095"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}