{"id":1260,"date":"2018-08-17T09:07:32","date_gmt":"2018-08-17T14:07:32","guid":{"rendered":"https:\/\/cert.pa\/?p=1260"},"modified":"2018-08-17T09:07:39","modified_gmt":"2018-08-17T14:07:39","slug":"1260","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=1260","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2018-07-11 Microsoft publica 60 actualizaciones de seguridad de Agosto 2018"},"content":{"rendered":"

CSIRT Panam\u00e1 Aviso 2018-07-11 Microsoft publica 60 actualizaciones de seguridad de Agosto 2018
\nGravedad: Alta
\nFecha de publicaci\u00f3n: Agosto 17, 2018
\n\u00daltima revisi\u00f3n: Agosto 15, 2018
\nhttps:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/releasenotedetail\/ecb26425-583f-e811-a96f-000d3a33c573<\/p>\n

Sistemas Afectados:
\nInternet Explorer
\nMicrosoft Edge
\nMicrosoft Windows
\nMicrosoft Office and Microsoft Office Services and Web Apps
\nChakraCore
\nAdobe Flash Player
\n.NET Framework
\nMicrosoft Exchange Server
\nMicrosoft SQL Server
\nVisual Studio<\/p>\n

I. Descripci\u00f3n<\/p>\n

La versi\u00f3n de seguridad de Agosto consiste en actualizaciones de seguridad para los siguientes componentes:<\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Tag<\/th>\nCVE ID<\/th>\nCVE Title<\/th>\n<\/tr>\n
Microsoft Windows<\/td>\nADV180018<\/a><\/td>\nMicrosoft Guidance to mitigate L1TF variant<\/td>\n<\/tr>\n
Adobe Flash Player<\/td>\nADV180020<\/a><\/td>\nAugust 2018 Adobe Flash Security Update<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nADV180021<\/a><\/td>\nMicrosoft Office Defense in Depth Update<\/td>\n<\/tr>\n
.NET Framework<\/td>\nCVE-2018-8360<\/a><\/td>\n.NET Framework Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Device Guard<\/td>\nCVE-2018-8200<\/a><\/td>\nDevice Guard Code Integrity Policy Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Device Guard<\/td>\nCVE-2018-8204<\/a><\/td>\nDevice Guard Code Integrity Policy Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Internet Explorer<\/td>\nCVE-2018-8316<\/a><\/td>\nInternet Explorer Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Browsers<\/td>\nCVE-2018-8351<\/a><\/td>\nMicrosoft Browser Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Browsers<\/td>\nCVE-2018-8403<\/a><\/td>\nMicrosoft Browser Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Browsers<\/td>\nCVE-2018-8357<\/a><\/td>\nMicrosoft Browser Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2018-8388<\/a><\/td>\nMicrosoft Edge Spoofing Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2018-8377<\/a><\/td>\nMicrosoft Edge Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2018-8383<\/a><\/td>\nMicrosoft Edge Spoofing Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2018-8387<\/a><\/td>\nMicrosoft Edge Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2018-8370<\/a><\/td>\nMicrosoft Edge Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2018-8358<\/a><\/td>\nMicrosoft Edge Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Microsoft Exchange Server<\/td>\nCVE-2018-8374<\/a><\/td>\nMicrosoft Exchange Server Tampering Vulnerability<\/td>\n<\/tr>\n
Microsoft Exchange Server<\/td>\nCVE-2018-8302<\/a><\/td>\nMicrosoft Exchange Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8397<\/a><\/td>\nGDI+ Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8400<\/a><\/td>\nDirectX Graphics Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8398<\/a><\/td>\nWindows GDI Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8406<\/a><\/td>\nDirectX Graphics Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8405<\/a><\/td>\nDirectX Graphics Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8401<\/a><\/td>\nDirectX Graphics Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8344<\/a><\/td>\nMicrosoft Graphics Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8396<\/a><\/td>\nWindows GDI Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8394<\/a><\/td>\nWindows GDI Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8375<\/a><\/td>\nMicrosoft Excel Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8376<\/a><\/td>\nMicrosoft PowerPoint Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8379<\/a><\/td>\nMicrosoft Excel Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8378<\/a><\/td>\nMicrosoft Office Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8382<\/a><\/td>\nMicrosoft Excel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8412<\/a><\/td>\nMicrosoft (MAU) Office Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8389<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8385<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8355<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8371<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8372<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8353<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8373<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8380<\/a><\/td>\nChakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8390<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8381<\/a><\/td>\nChakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8266<\/a><\/td>\nChakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8359<\/a><\/td>\nScripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8384<\/a><\/td>\nChakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-8346<\/a><\/td>\nLNK Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-8345<\/a><\/td>\nLNK Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows PDF<\/td>\nCVE-2018-8350<\/a><\/td>\nWindows PDF Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
SQL Server<\/td>\nCVE-2018-8273<\/a><\/td>\nMicrosoft SQL Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Windows Authentication Methods<\/td>\nCVE-2018-8340<\/a><\/td>\nAD FS Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Windows COM<\/td>\nCVE-2018-8349<\/a><\/td>\nMicrosoft COM for Windows Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Windows Diagnostic Hub<\/td>\nCVE-2018-0952<\/a><\/td>\nDiagnostic Hub Standard Collector Elevation Of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows Installer<\/td>\nCVE-2018-8339<\/a><\/td>\nWindows Installer Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-8341<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-8404<\/a><\/td>\nWin32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-8347<\/a><\/td>\nWindows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-8348<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-8399<\/a><\/td>\nWin32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows NDIS<\/td>\nCVE-2018-8343<\/a><\/td>\nWindows NDIS Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows RNDIS<\/td>\nCVE-2018-8342<\/a><\/td>\nWindows NDIS Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows Shell<\/td>\nCVE-2018-8414<\/a><\/td>\nWindows Shell Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Windows Shell<\/td>\nCVE-2018-8253<\/a><\/td>\nMicrosoft Cortana Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

II. Referencia a soluciones, herramientas e informaci\u00f3n<\/p>\n

Se recomienda actualizar los equipos utilizando windows update.<\/p>\n

III. Informaci\u00f3n de contacto
\nCSIRT PANAMA
\nComputer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental
\nE-Mail: info@cert.pa
\nPhone: +507 520-CERT (2378)
\nWeb: https:\/\/cert.pa
\nTwitter: @CSIRTPanama
\nFacebook: http:\/\/www.facebook.com\/CSIRTPanama
\nKey ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"

CSIRT Panam\u00e1 Aviso 2018-07-11 Microsoft publica 60 actualizaciones de seguridad de Agosto 2018 Gravedad: Alta Fecha de publicaci\u00f3n: Agosto 17, 2018 \u00daltima revisi\u00f3n: Agosto 15, 2018 https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/releasenotedetail\/ecb26425-583f-e811-a96f-000d3a33c573 Sistemas Afectados: Internet Explorer Microsoft Edge Microsoft Windows…<\/p>\n","protected":false},"author":5,"featured_media":414,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[76,78,27,23,43,8,72,44,36,74,49,21,9,73,64,80,68,45,94],"class_list":["post-1260","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-actualizaciones","tag-adobe","tag-adobe-flash-player","tag-adobe-reader","tag-alertas","tag-avisos","tag-avisos-de-seguridad","tag-bolentin","tag-boletin","tag-boletines","tag-ciberseguridad","tag-internet-explorer","tag-microsoft","tag-parches","tag-seguridad","tag-vulnerabilidad","tag-vulnerabilidades","tag-windows","tag-windows-update"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1260","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1260"}],"version-history":[{"count":3,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1260\/revisions"}],"predecessor-version":[{"id":1263,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1260\/revisions\/1263"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/414"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1260"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1260"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1260"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}