{"id":1300,"date":"2018-11-15T09:31:24","date_gmt":"2018-11-15T14:31:24","guid":{"rendered":"https:\/\/cert.pa\/?p=1300"},"modified":"2018-11-15T09:31:24","modified_gmt":"2018-11-15T14:31:24","slug":"csirt-panama-aviso-2018-nov-15-microsoft-libera-actualizaciones-para-60-vulnerabilidades","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=1300","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2018-nov-15 Microsoft libera actualizaciones para 60 Vulnerabilidades"},"content":{"rendered":"

CSIRT Panam\u00e1 Aviso 2018-nov-15 Microsoft libera actualizaciones para 60 Vulnerabilidades.<\/p>\n

Gravedad: Alta
\nFecha de publicaci\u00f3n: Noviembre 15, 2018
\n\u00daltima revisi\u00f3n: Noviembre 14, 2018
\nhttps:\/\/technet.microsoft.com\/en-us\/security\/bulletins.aspx<\/p>\n

Sistemas Afectados:
\n.NET Core
\nActive Directory
\nAdobe Flash Player
\nAzure
\nBitLocker
\nInternet Explorer
\nMicrosoft Drivers
\nMicrosoft Dynamics
\nMicrosoft Edge
\nMicrosoft Exchange Server
\nMicrosoft Graphics Component
\nMicrosoft JScript
\nMicrosoft Office
\nMicrosoft Office SharePoint
\nMicrosoft PowerShell
\nMicrosoft RPC
\nMicrosoft Scripting Engine
\nMicrosoft Windows
\nMicrosoft Windows Search Component
\nServicing Stack Updates
\nSkype for Business and Microsoft Lync
\nTeam Foundation Server
\nWindows Audio Service
\nWindows Kernel<\/p>\n

I. Descripci\u00f3n
\nMicrosoft ha lanzado actualizaciones para 60 vulnerabilidades que afectan a m\u00faltiples componentes.<\/p>\n

II. Impacto<\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
Tag<\/th>\nCVE ID<\/th>\nCVE Title<\/th>\n<\/tr>\n
.NET Core<\/td>\nCVE-2018-8416<\/a><\/td>\n.NET Core Tampering Vulnerability<\/td>\n<\/tr>\n
Active Directory<\/td>\nCVE-2018-8547<\/a><\/td>\nActive Directory Federation Services XSS Vulnerability<\/td>\n<\/tr>\n
Adobe Flash Player<\/td>\nADV180025<\/a><\/td>\nNovember 2018 Adobe Flash Security Update<\/td>\n<\/tr>\n
Azure<\/td>\nCVE-2018-8600<\/a><\/td>\nAzure App Service Cross-site Scripting Vulnerability<\/td>\n<\/tr>\n
BitLocker<\/td>\nCVE-2018-8566<\/a><\/td>\nBitLocker Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Internet Explorer<\/td>\nCVE-2018-8570<\/a><\/td>\nInternet Explorer Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Drivers<\/td>\nCVE-2018-8471<\/a><\/td>\nMicrosoft RemoteFX Virtual GPU miniport driver Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Dynamics<\/td>\nCVE-2018-8605<\/a><\/td>\nMicrosoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability<\/td>\n<\/tr>\n
Microsoft Dynamics<\/td>\nCVE-2018-8607<\/a><\/td>\nMicrosoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability<\/td>\n<\/tr>\n
Microsoft Dynamics<\/td>\nCVE-2018-8606<\/a><\/td>\nMicrosoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability<\/td>\n<\/tr>\n
Microsoft Dynamics<\/td>\nCVE-2018-8609<\/a><\/td>\nMicrosoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Dynamics<\/td>\nCVE-2018-8608<\/a><\/td>\nMicrosoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2018-8564<\/a><\/td>\nMicrosoft Edge Spoofing Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2018-8545<\/a><\/td>\nMicrosoft Edge Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Edge<\/td>\nCVE-2018-8567<\/a><\/td>\nMicrosoft Edge Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Exchange Server<\/td>\nCVE-2018-8581<\/a><\/td>\nMicrosoft Exchange Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8565<\/a><\/td>\nWin32k Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8485<\/a><\/td>\nDirectX Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8562<\/a><\/td>\nWin32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8553<\/a><\/td>\nMicrosoft Graphics Components Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8561<\/a><\/td>\nDirectX Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8554<\/a><\/td>\nDirectX Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Graphics Component<\/td>\nCVE-2018-8563<\/a><\/td>\nDirectX Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft JScript<\/td>\nCVE-2018-8417<\/a><\/td>\nMicrosoft JScript Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8579<\/a><\/td>\nMicrosoft Outlook Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8577<\/a><\/td>\nMicrosoft Excel Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8575<\/a><\/td>\nMicrosoft Project Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8576<\/a><\/td>\nMicrosoft Outlook Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8522<\/a><\/td>\nMicrosoft Outlook Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8524<\/a><\/td>\nMicrosoft Outlook Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8539<\/a><\/td>\nMicrosoft Word Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8558<\/a><\/td>\nMicrosoft Outlook Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8573<\/a><\/td>\nMicrosoft Word Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8574<\/a><\/td>\nMicrosoft Excel Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office<\/td>\nCVE-2018-8582<\/a><\/td>\nMicrosoft Outlook Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Office SharePoint<\/td>\nCVE-2018-8578<\/a><\/td>\nMicrosoft SharePoint Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Office SharePoint<\/td>\nCVE-2018-8572<\/a><\/td>\nMicrosoft SharePoint Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Office SharePoint<\/td>\nCVE-2018-8568<\/a><\/td>\nMicrosoft SharePoint Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft PowerShell<\/td>\nCVE-2018-8256<\/a><\/td>\nMicrosoft PowerShell Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft PowerShell<\/td>\nCVE-2018-8415<\/a><\/td>\nMicrosoft PowerShell Tampering Vulnerability<\/td>\n<\/tr>\n
Microsoft RPC<\/td>\nCVE-2018-8407<\/a><\/td>\nMSRPC Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8557<\/a><\/td>\nChakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8552<\/a><\/td>\nWindows Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8551<\/a><\/td>\nChakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8556<\/a><\/td>\nChakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8555<\/a><\/td>\nChakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8541<\/a><\/td>\nChakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8542<\/a><\/td>\nChakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8588<\/a><\/td>\nChakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8544<\/a><\/td>\nWindows VBScript Engine Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Scripting Engine<\/td>\nCVE-2018-8543<\/a><\/td>\nChakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-8592<\/a><\/td>\nWindows Elevation Of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nADV180028<\/a><\/td>\nGuidance for configuring BitLocker to enforce software encryption<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-8476<\/a><\/td>\nWindows Deployment Services TFTP Server Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-8584<\/a><\/td>\nWindows ALPC Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-8550<\/a><\/td>\nWindows COM Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows<\/td>\nCVE-2018-8549<\/a><\/td>\nWindows Security Feature Bypass Vulnerability<\/td>\n<\/tr>\n
Microsoft Windows Search Component<\/td>\nCVE-2018-8450<\/a><\/td>\nWindows Search Remote Code Execution Vulnerability<\/td>\n<\/tr>\n
Servicing Stack Updates<\/td>\nADV990001<\/a><\/td>\nLatest Servicing Stack Updates<\/td>\n<\/tr>\n
Skype for Business and Microsoft Lync<\/td>\nCVE-2018-8546<\/a><\/td>\nMicrosoft Skype for Business Denial of Service Vulnerability<\/td>\n<\/tr>\n
Team Foundation Server<\/td>\nCVE-2018-8602<\/a><\/td>\nTeam Foundation Server Cross-site Scripting Vulnerability<\/td>\n<\/tr>\n
Windows Audio Service<\/td>\nCVE-2018-8454<\/a><\/td>\nWindows Audio Service Information Disclosure Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-8589<\/a><\/td>\nWindows Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n
Windows Kernel<\/td>\nCVE-2018-8408<\/a><\/td>\nWindows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

III. Referencia a soluciones, herramientas e informaci\u00f3n<\/p>\n

Se recomienda actualizar los equipos utilizando windows update.<\/p>\n

IV. Informaci\u00f3n de contacto
\nCSIRT PANAMA
\nComputer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental
\nE-Mail: info@cert.pa
\nPhone: +507 520-CERT (2378)
\nWeb: https:\/\/cert.pa
\nTwitter: @CSIRTPanama
\nFacebook: http:\/\/www.facebook.com\/CSIRTPanama
\nKey ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"

CSIRT Panam\u00e1 Aviso 2018-nov-15 Microsoft libera actualizaciones para 60 Vulnerabilidades. Gravedad: Alta Fecha de publicaci\u00f3n: Noviembre 15, 2018 \u00daltima revisi\u00f3n: Noviembre 14, 2018 https:\/\/technet.microsoft.com\/en-us\/security\/bulletins.aspx Sistemas Afectados: .NET Core Active Directory Adobe Flash Player Azure BitLocker…<\/p>\n","protected":false},"author":5,"featured_media":414,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[76,78,27,43,8,72,74,9,73,64,80,68,45,94],"class_list":["post-1300","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-actualizaciones","tag-adobe","tag-adobe-flash-player","tag-alertas","tag-avisos","tag-avisos-de-seguridad","tag-boletines","tag-microsoft","tag-parches","tag-seguridad","tag-vulnerabilidad","tag-vulnerabilidades","tag-windows","tag-windows-update"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1300","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1300"}],"version-history":[{"count":2,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1300\/revisions"}],"predecessor-version":[{"id":1302,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1300\/revisions\/1302"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/414"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1300"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1300"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1300"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}