{"id":1111,"date":"2017-12-13T08:25:40","date_gmt":"2017-12-13T13:25:40","guid":{"rendered":"https:\/\/cert.pa\/?p=1111"},"modified":"2017-12-13T08:27:30","modified_gmt":"2017-12-13T13:27:30","slug":"csirt-panama-aviso-2017-10-11-microsoft-libera-actualizaciones-para-34-vulnerabilidades","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=1111","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2017-10-11 Microsoft libera actualizaciones para 34 vulnerabilidades"},"content":{"rendered":"

CSIRT Panam\u00e1 Aviso 2017-10-11 Microsoft libera actualizaciones para 34 vulnerabilidades
\nGravedad: Alta
\nFecha de publicaci\u00f3n: Diciembre 13, 2017
\nFecha de modificaci\u00f3n: Diciembre 12, 2017
\n\u00daltima revisi\u00f3n: Revisi\u00f3n A.
\nhttps:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance
\nSistemas Afectados:
\n– Microsoft Windows
\n– Microsoft Office
\n– Microsoft Office Services and Web Apps
\n– Microsoft Exchange Server
\n– Microsoft Malware Protection Engine
\n– Internet Explorer
\n– Microsoft Edge
\n– ChakraCore<\/p>\n

I. Descripci\u00f3n
\nMicrosoft ha liberado actualizaciones que cubren 34 vulnerabilidades.<\/p>\n

II. Impacto
\nEstas correcciones o parches estan detalladas en la tabla a continuacion<\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Tag<\/th>\nCVE ID<\/th>\nCVE Title<\/th>\n<\/tr>\n
Microsoft Office<\/td>\nADV170021<\/a><\/td>\nMicrosoft Office Defense in Depth Update<\/td>\n<\/tr>\n
Adobe Flash Player<\/td>\nADV170022<\/a><\/td>\nDecember 2017 Flash Security Update<\/td>\n<\/tr>\n
Microsoft Exchange Server<\/td>\nADV170023<\/a><\/td>\nMicrosoft Exchange Defense in Depth Update<\/td>\n<\/tr>\n
Device Guard<\/td>\nCVE-2017-11899<\/a><\/td>\nMicrosoft Windows Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2017-11888<\/a><\/td>\nMicrosoft Edge Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Exchange Server<\/td>\nCVE-2017-11932<\/a><\/td>\nMicrosoft Exchange Spoofing Vulnerability<\/td>\n<\/tr>\n
Microsoft Malware Protection Engine<\/td>\nCVE-2017-11940<\/a><\/td>\nMicrosoft Malware Protection Engine Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Malware Protection Engine<\/td>\nCVE-2017-11937<\/a><\/td>\nMicrosoft Malware Protection Engine Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11939<\/a><\/td>\nMicrosoft Office Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11936<\/a><\/td>\nMicrosoft SharePoint Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11935<\/a><\/td>\nMicrosoft Excel Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2017-11934<\/a><\/td>\nMicrosoft PowerPoint Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11886<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11905<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11907<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11916<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11894<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11887<\/a><\/td>\nScripting Engine Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11919<\/a><\/td>\nScripting Engine Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11903<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11901<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11908<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11906<\/a><\/td>\nScripting Engine Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11890<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11889<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11895<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11893<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11909<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11914<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11918<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11930<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11913<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11910<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11911<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2017-11912<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2017-11885<\/a><\/td>\nWindows RRAS Service Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2017-11927<\/a><\/td>\nMicrosoft Windows Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

III. Referencia a soluciones, herramientas e informaci\u00f3n<\/p>\n

Se recomienda actualizar Windows utilizando la herramienta de Windows update o WSUS para Windows server.
\nhttps:\/\/www.microsoft.com\/en-us\/security\/pc-security\/malware-removal.aspx
\nInstale los parches tan pronto como est\u00e9n disponibles.
\nEjecute todo el software con los menos privilegios requeridos mientras se mantiene la funcionalidad.
\nPara mas referencias seguir el siguiente enlace https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance<\/p>\n

IV. Informaci\u00f3n de contacto
\nCSIRT PANAMA
\nComputer Security Incident Response Team Autoridad Nacional para la
\nInnovacion Gubernamental
\nE-Mail: info@cert.pa
\nPhone: +507 520-CERT (2378)
\nWeb: https:\/\/cert.pa
\nTwitter: @CSIRTPanama
\nFacebook: http:\/\/www.facebook.com\/CSIRTPanama
\nKey ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"

CSIRT Panam\u00e1 Aviso 2017-10-11 Microsoft libera actualizaciones para 34 vulnerabilidades Gravedad: Alta Fecha de publicaci\u00f3n: Diciembre 13, 2017 Fecha de modificaci\u00f3n: Diciembre 12, 2017 \u00daltima revisi\u00f3n: Revisi\u00f3n A. https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance Sistemas Afectados: – Microsoft Windows –…<\/p>\n","protected":false},"author":5,"featured_media":414,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[76,43,8,72,36,74,49,9,73,64,45,94],"class_list":["post-1111","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-actualizaciones","tag-alertas","tag-avisos","tag-avisos-de-seguridad","tag-boletin","tag-boletines","tag-ciberseguridad","tag-microsoft","tag-parches","tag-seguridad","tag-windows","tag-windows-update"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1111","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1111"}],"version-history":[{"count":2,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1111\/revisions"}],"predecessor-version":[{"id":1113,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1111\/revisions\/1113"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/414"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1111"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1111"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1111"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}