{"id":1309,"date":"2018-12-14T11:08:17","date_gmt":"2018-12-14T16:08:17","guid":{"rendered":"https:\/\/cert.pa\/?p=1309"},"modified":"2018-12-14T11:08:17","modified_gmt":"2018-12-14T16:08:17","slug":"csirt-panama-aviso-2018-14-12-microsoft-publica-actualizaciones-de-seguridad","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=1309","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2018-14-12 Microsoft publica actualizaciones de seguridad."},"content":{"rendered":"<p>CSIRT Panam\u00e1 Aviso 2018-14-12 Microsoft publica actualizaciones de seguridad.<br \/>\nGravedad: Alta<br \/>\nFecha de publicaci\u00f3n: Diciembre 14, 2018<br \/>\n\u00daltima revisi\u00f3n: Diciembre 14, 2018<br \/>\nhttps:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/releasenotedetail\/6c54acc6-2ed2-e811-a980-000d3a33a34d<\/p>\n<p>Sistemas Afectados:<br \/>\nAdobe Flash Player<br \/>\nInternet Explorer<br \/>\nMicrosoft Edge<br \/>\nMicrosoft Windows<br \/>\nMicrosoft Office and Microsoft Office Services and Web Apps<br \/>\nChakraCore<br \/>\n.NET Framework<br \/>\nMicrosoft Dynamics NAV<br \/>\nMicrosoft Exchange Server<br \/>\nMicrosoft Visual Studio<br \/>\nWindows Azure Pack (WAP)<\/p>\n<p>I. Descripci\u00f3n<\/p>\n<p>El bolet\u00edn de seguridad consiste en actualizaciones para los siguientes software:<\/p>\n<table align=\"center\" border=\"0\" style=\"width:100%\">\n<tbody>\n<tr>\n<th>Tag<\/th>\n<th>CVE ID<\/th>\n<th>CVE Title<\/th>\n<\/tr>\n<tr>\n<td>.NET Framework<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8517\">CVE-2018-8517<\/a><\/td>\n<td>.NET Framework Denial Of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>.NET Framework<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8540\">CVE-2018-8540<\/a><\/td>\n<td>.NET Framework Remote Code Injection Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Adobe Flash Player<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/ADV180031\">ADV180031<\/a><\/td>\n<td>December 2018 Adobe Flash Security Update<\/td>\n<\/tr>\n<tr>\n<td>Internet Explorer<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8619\">CVE-2018-8619<\/a><\/td>\n<td>Internet Explorer Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Internet Explorer<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8631\">CVE-2018-8631<\/a><\/td>\n<td>Internet Explorer Memory Corruption Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Dynamics<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8651\">CVE-2018-8651<\/a><\/td>\n<td>Microsoft Dynamics NAV Cross Site Scripting Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Exchange Server<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8604\">CVE-2018-8604<\/a><\/td>\n<td>Microsoft Exchange Server Tampering Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Graphics Component<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8639\">CVE-2018-8639<\/a><\/td>\n<td>Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Graphics Component<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8638\">CVE-2018-8638<\/a><\/td>\n<td>DirectX Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Graphics Component<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8595\">CVE-2018-8595<\/a><\/td>\n<td>Windows GDI Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Graphics Component<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8596\">CVE-2018-8596<\/a><\/td>\n<td>Windows GDI Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8628\">CVE-2018-8628<\/a><\/td>\n<td>Microsoft PowerPoint Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8636\">CVE-2018-8636<\/a><\/td>\n<td>Microsoft Excel Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8627\">CVE-2018-8627<\/a><\/td>\n<td>Microsoft Excel Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8598\">CVE-2018-8598<\/a><\/td>\n<td>Microsoft Excel Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8587\">CVE-2018-8587<\/a><\/td>\n<td>Microsoft Outlook Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8597\">CVE-2018-8597<\/a><\/td>\n<td>Microsoft Excel Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office SharePoint<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8635\">CVE-2018-8635<\/a><\/td>\n<td>Microsoft SharePoint Server Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Office SharePoint<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8580\">CVE-2018-8580<\/a><\/td>\n<td>Microsoft SharePoint Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Scripting Engine<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8629\">CVE-2018-8629<\/a><\/td>\n<td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Scripting Engine<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8643\">CVE-2018-8643<\/a><\/td>\n<td>Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Scripting Engine<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8625\">CVE-2018-8625<\/a><\/td>\n<td>Windows VBScript Engine Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Scripting Engine<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8617\">CVE-2018-8617<\/a><\/td>\n<td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Scripting Engine<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8583\">CVE-2018-8583<\/a><\/td>\n<td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Scripting Engine<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8618\">CVE-2018-8618<\/a><\/td>\n<td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Scripting Engine<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8624\">CVE-2018-8624<\/a><\/td>\n<td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Windows<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8649\">CVE-2018-8649<\/a><\/td>\n<td>Windows Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Windows DNS<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8514\">CVE-2018-8514<\/a><\/td>\n<td>Remote Procedure Call runtime Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Microsoft Windows DNS<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8626\">CVE-2018-8626<\/a><\/td>\n<td>Windows DNS Server Heap Overflow Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Visual Studio<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8599\">CVE-2018-8599<\/a><\/td>\n<td>Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Windows Authentication Methods<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8634\">CVE-2018-8634<\/a><\/td>\n<td>Microsoft Text-To-Speech Remote Code Execution Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Windows Azure Pack<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8652\">CVE-2018-8652<\/a><\/td>\n<td>Windows Azure Pack Cross Site Scripting Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Windows Kernel<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8477\">CVE-2018-8477<\/a><\/td>\n<td>Windows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Windows Kernel<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8621\">CVE-2018-8621<\/a><\/td>\n<td>Windows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Windows Kernel<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8612\">CVE-2018-8612<\/a><\/td>\n<td>Connected User Experiences and Telemetry Service Denial of Service Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Windows Kernel<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8611\">CVE-2018-8611<\/a><\/td>\n<td>Windows Kernel Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Windows Kernel<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8622\">CVE-2018-8622<\/a><\/td>\n<td>Windows Kernel Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Windows Kernel<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8637\">CVE-2018-8637<\/a><\/td>\n<td>Win32k Information Disclosure Vulnerability<\/td>\n<\/tr>\n<tr>\n<td>Windows Kernel-Mode Drivers<\/td>\n<td><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2018-8641\">CVE-2018-8641<\/a><\/td>\n<td>Win32k Elevation of Privilege Vulnerability<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>II. Referencia a soluciones, herramientas e informaci\u00f3n<\/p>\n<p>Se recomienda actualizar los equipos utilizando windows update.<\/p>\n<p>III. Informaci\u00f3n de contacto<br \/>\nCSIRT PANAMA<br \/>\nComputer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental<br \/>\nE-Mail: info@cert.pa<br \/>\nPhone: +507 520-CERT (2378)<br \/>\nWeb: https:\/\/cert.pa<br \/>\nTwitter: @CSIRTPanama<br \/>\nFacebook: http:\/\/www.facebook.com\/CSIRTPanama<br \/>\nKey ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CSIRT Panam\u00e1 Aviso 2018-14-12 Microsoft publica actualizaciones de seguridad. Gravedad: Alta Fecha de publicaci\u00f3n: Diciembre 14, 2018 \u00daltima revisi\u00f3n: Diciembre 14, 2018 https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/releasenotedetail\/6c54acc6-2ed2-e811-a980-000d3a33a34d Sistemas Afectados: Adobe Flash Player Internet Explorer Microsoft Edge Microsoft Windows Microsoft&#8230;<\/p>\n","protected":false},"author":5,"featured_media":414,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[],"class_list":["post-1309","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1309","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1309"}],"version-history":[{"count":1,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1309\/revisions"}],"predecessor-version":[{"id":1310,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1309\/revisions\/1310"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/414"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1309"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1309"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1309"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}