{"id":1348,"date":"2019-02-14T08:34:48","date_gmt":"2019-02-14T13:34:48","guid":{"rendered":"https:\/\/cert.pa\/?p=1348"},"modified":"2019-02-14T08:34:48","modified_gmt":"2019-02-14T13:34:48","slug":"csirt-panama-aviso-2019-02-13-microsoft-publica-70-actualizaciones-de-seguridad","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=1348","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2019-02-13 Microsoft publica 70 actualizaciones de seguridad"},"content":{"rendered":"\n

CSIRT Panam\u00e1 Aviso 2019-02-13 Microsoft publica 70 actualizaciones de seguridad
\nGravedad: Alta
\nFecha de publicaci\u00f3n: Febrero 14, 2019
\n\u00daltima revisi\u00f3n: Febrero 13, 2019
\nhttps:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/releasenotedetail\/51503ac5-e6d2-e811-a983-000d3a33c573<\/p>\n\n\n\n

Sistemas Afectados:
\nAdobe Flash Player
\nInternet Explorer
\nMicrosoft Edge
\nMicrosoft Windows
\nMicrosoft Office and Microsoft Office Services and Web Apps
\nChakraCore
\n.NET Framework
\nMicrosoft Exchange Server
\nMicrosoft Visual Studio
\nAzure IoT SDK
\nMicrosoft Dynamics
\nTeam Foundation Server
\nVisual Studio Code<\/p>\n\n\n\n

I. Descripci\u00f3n<\/p>\n\n\n\n

La versi\u00f3n de seguridad de Febrero consiste en actualizaciones de seguridad para los siguientes software:<\/p>\n\n\n\n
CVE Title<\/th>CVE ID<\/th>Severity<\/th><\/tr>
Latest Servicing Stack Updates<\/td>ADV990001<\/a><\/td>Critica<\/strong><\/td><\/tr>
February 2019 Adobe Flash Security Update<\/td>ADV190003<\/a><\/td>Critica<\/strong><\/td><\/tr>
February 2019 Oracle Outside In Library Security Update<\/td>ADV190004<\/a><\/td>Desconocido<\/td><\/tr>
Guidance to mitigate unconstrained delegation vulnerabilities<\/td>ADV190006 <\/a><\/td>N\/A<\/td><\/tr>
Guidance for “PrivExchange” Elevation of Privilege Vulnerability<\/td>ADV190007<\/a><\/td>N\/A<\/td><\/tr>
Microsoft Office Security Feature Bypass Vulnerability<\/td>CVE-2019-0540 <\/a><\/td>Importante<\/td><\/tr>
Scripting Engine Memory Corruption Vulnerability<\/td>CVE-2019-0590 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Scripting Engine Memory Corruption Vulnerability<\/td>CVE-2019-0591 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Scripting Engine Memory Corruption Vulnerability<\/td>CVE-2019-0593 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Microsoft SharePoint Remote Code Execution Vulnerability<\/td>CVE-2019-0594 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Jet Database Engine Remote Code Execution Vulnerability<\/td>CVE-2019-0595 <\/a><\/td>Importante<\/td><\/tr>
Jet Database Engine Remote Code Execution Vulnerability<\/td>CVE-2019-0596 <\/a><\/td>Importante<\/td><\/tr>
Jet Database Engine Remote Code Execution Vulnerability<\/td>CVE-2019-0597 <\/a><\/td>Importante<\/td><\/tr>
Jet Database Engine Remote Code Execution Vulnerability<\/td>CVE-2019-0598 <\/a><\/td>Importante<\/td><\/tr>
Jet Database Engine Remote Code Execution Vulnerability<\/td>CVE-2019-0599 <\/a><\/td>Importante<\/td><\/tr>
HID Information Disclosure Vulnerability<\/td>CVE-2019-0600 <\/a><\/td>Importante<\/td><\/tr>
HID Information Disclosure Vulnerability<\/td>CVE-2019-0601 <\/a><\/td>Importante<\/td><\/tr>
Windows GDI Information Disclosure Vulnerability<\/td>CVE-2019-0602 <\/a><\/td>Importante<\/td><\/tr>
Microsoft SharePoint Remote Code Execution Vulnerability<\/td>CVE-2019-0604 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Scripting Engine Memory Corruption Vulnerability<\/td>CVE-2019-0605 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Internet Explorer Memory Corruption Vulnerability<\/td>CVE-2019-0606 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Scripting Engine Memory Corruption Vulnerability<\/td>CVE-2019-0607 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Scripting Engine Memory Corruption Vulnerability<\/td>CVE-2019-0610 <\/a><\/td>Importante<\/td><\/tr>
.NET Framework and Visual Studio Remote Code Execution Vulnerability<\/td>CVE-2019-0613 <\/a><\/td>Importante<\/td><\/tr>
Windows GDI Information Disclosure Vulnerability<\/td>CVE-2019-0615 <\/a><\/td>Importante<\/td><\/tr>
Windows GDI Information Disclosure Vulnerability<\/td>CVE-2019-0616 <\/a><\/td>Importante<\/td><\/tr>
GDI+ Remote Code Execution Vulnerability<\/td>CVE-2019-0618 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Windows GDI Information Disclosure Vulnerability<\/td>CVE-2019-0619 <\/a><\/td>Importante<\/td><\/tr>
Windows Kernel Information Disclosure Vulnerability<\/td>CVE-2019-0621 <\/a><\/td>Importante<\/td><\/tr>
Win32k Elevation of Privilege Vulnerability<\/td>CVE-2019-0623 <\/a><\/td>Importante<\/td><\/tr>
Jet Database Engine Remote Code Execution Vulnerability<\/td>CVE-2019-0625 <\/a><\/td>Importante<\/td><\/tr>
Windows DHCP Server Remote Code Execution Vulnerability<\/td>CVE-2019-0626 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Windows Security Feature Bypass Vulnerability<\/td>CVE-2019-0627 <\/a><\/td>Importante<\/td><\/tr>
Win32k Information Disclosure Vulnerability<\/td>CVE-2019-0628 <\/a><\/td>Importante<\/td><\/tr>
Windows SMB Remote Code Execution Vulnerability<\/td>CVE-2019-0630 <\/a><\/td>Importante<\/td><\/tr>
Windows Security Feature Bypass Vulnerability<\/td>CVE-2019-0631 <\/a><\/td>Importante<\/td><\/tr>
Windows Security Feature Bypass Vulnerability<\/td>CVE-2019-0632 <\/a><\/td>Importante<\/td><\/tr>
Windows SMB Remote Code Execution Vulnerability<\/td>CVE-2019-0633 <\/a><\/td>Importante<\/td><\/tr>
Microsoft Edge Memory Corruption Vulnerability<\/td>CVE-2019-0634<\/a><\/td>Critica<\/strong><\/td><\/tr>
Windows Hyper-V Information Disclosure Vulnerability<\/td>CVE-2019-0635 <\/a><\/td>Importante<\/td><\/tr>
Windows Information Disclosure Vulnerability<\/td>CVE-2019-0636<\/a><\/td>Importante<\/td><\/tr>
Windows Defender Firewall Security Feature Bypass Vulnerability<\/td>CVE-2019-0637<\/a><\/td>Importante<\/td><\/tr>
Scripting Engine Memory Corruption Vulnerability<\/td>CVE-2019-0640 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Microsoft Edge Security Feature Bypass Vulnerability<\/td>CVE-2019-0641 <\/a><\/td>Moderada<\/td><\/tr>
Scripting Engine Memory Corruption Vulnerability<\/td>CVE-2019-0642 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Microsoft Edge Information Disclosure Vulnerability<\/td>CVE-2019-0643 <\/a><\/td>Moderada<\/td><\/tr>
Scripting Engine Memory Corruption Vulnerability<\/td>CVE-2019-0644<\/a><\/td>Critica<\/strong><\/td><\/tr>
Microsoft Edge Memory Corruption Vulnerability<\/td>CVE-2019-0645 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Scripting Engine Information Disclosure Vulnerability<\/td>CVE-2019-0648 <\/a><\/td>Importante<\/td><\/tr>
Scripting Engine Elevation of Privileged Vulnerability<\/td>CVE-2019-0649 <\/a><\/td>Importante<\/td><\/tr>
Microsoft Edge Memory Corruption Vulnerability<\/td>CVE-2019-0650 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Scripting Engine Memory Corruption Vulnerability<\/td>CVE-2019-0651 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Scripting Engine Memory Corruption Vulnerability<\/td>CVE-2019-0652 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Microsoft Browser Spoofing Vulnerability<\/td>CVE-2019-0654 <\/a><\/td>Importante<\/td><\/tr>
Scripting Engine Memory Corruption Vulnerability<\/td>CVE-2019-0655 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Windows Kernel Elevation of Privilege Vulnerability<\/td>CVE-2019-0656 <\/a><\/td>Importante<\/td><\/tr>
.NET Framework and Visual Studio Spoofing Vulnerability<\/td>CVE-2019-0657 <\/a><\/td>Importante<\/td><\/tr>
Scripting Engine Information Disclosure Vulnerability<\/td>CVE-2019-0658 <\/a><\/td>Importante<\/td><\/tr>
Windows Storage Service Elevation of Privilege Vulnerability<\/td>CVE-2019-0659 <\/a><\/td>Importante<\/td><\/tr>
Windows GDI Information Disclosure Vulnerability<\/td>CVE-2019-0660 <\/a><\/td>Importante<\/td><\/tr>
Windows Kernel Information Disclosure Vulnerability<\/td>CVE-2019-0661 <\/a><\/td>Importante<\/td><\/tr>
GDI+ Remote Code Execution Vulnerability<\/td>CVE-2019-0662 <\/a><\/td>Critica<\/strong><\/td><\/tr>
Windows GDI Information Disclosure Vulnerability<\/td>CVE-2019-0664 <\/a><\/td>Importante<\/td><\/tr>
Microsoft SharePoint Elevation of Privilege Vulnerability<\/td>CVE-2019-0668 <\/a><\/td>Importante<\/td><\/tr>
Microsoft Excel Information Disclosure Vulnerability<\/td>CVE-2019-0669 <\/a><\/td>Importante<\/td><\/tr>
Microsoft SharePoint Spoofing Vulnerability<\/td>CVE-2019-0670 <\/a><\/td>Moderada<\/td><\/tr>
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability<\/td>CVE-2019-0671 <\/a><\/td>Importante<\/td><\/tr>
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability<\/td>CVE-2019-0672 <\/a><\/td>Importante<\/td><\/tr>
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability<\/td>CVE-2019-0673 <\/a><\/td>Importante<\/td><\/tr>
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability<\/td>CVE-2019-0674 <\/a><\/td>Importante<\/td><\/tr>
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability<\/td>CVE-2019-0675 <\/a><\/td>Importante<\/td><\/tr>
Internet Explorer Information Disclosure Vulnerability<\/td>CVE-2019-0676 <\/a><\/td>Importante<\/td><\/tr>
Microsoft Exchange Server Elevation of Privilege Vulnerability<\/td>CVE-2019-0686 <\/a><\/td>Importante<\/td><\/tr>
Microsoft Exchange Server Elevation of Privilege Vulnerability<\/td>CVE-2019-0724 <\/a><\/td>Importante<\/td><\/tr>
Visual Studio Code Remote Code Execution Vulnerability<\/td>CVE-2019-0728 <\/a><\/td>Importante<\/td><\/tr>
Azure IoT Java SDK Elevation of Privilege Vulnerability<\/td>CVE-2019-0729 <\/a><\/td>Importante<\/td><\/tr>
Azure IoT Java SDK Information Disclosure Vulnerability<\/td>CVE-2019-0741 <\/a><\/td>Importante<\/td><\/tr>
Team Foundation Server Cross-site Scripting Vulnerability<\/td>CVE-2019-0742 <\/a><\/td>Importante<\/td><\/tr>
Team Foundation Server Cross-site Scripting Vulnerability<\/td>CVE-2019-0743 <\/a><\/td>Importante<\/td><\/tr><\/tbody><\/table>\n\n\n\n

II. Referencia a soluciones, herramientas e informaci\u00f3n<\/p>\n\n\n\n

Se recomienda actualizar los equipos utilizando windows update.<\/p>\n\n\n\n

III. Informaci\u00f3n de contacto
\nCSIRT PANAMA
\nComputer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental
\nE-Mail: info@cert.pa
\nPhone: +507 520-CERT (2378)
\nWeb: https:\/\/cert.pa
\nTwitter: @CSIRTPanama
\nFacebook: http:\/\/www.facebook.com\/CSIRTPanama
\nKey ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"

CSIRT Panam\u00e1 Aviso 2019-02-13 Microsoft publica 70 actualizaciones de seguridad Gravedad: Alta Fecha de publicaci\u00f3n: Febrero 14, 2019 \u00daltima revisi\u00f3n: Febrero 13, 2019 https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/releasenotedetail\/51503ac5-e6d2-e811-a983-000d3a33c573 Sistemas Afectados: Adobe Flash Player Internet Explorer Microsoft Edge Microsoft Windows…<\/p>\n","protected":false},"author":4,"featured_media":414,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[72,9,73,45,94],"class_list":["post-1348","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-avisos-de-seguridad","tag-microsoft","tag-parches","tag-windows","tag-windows-update"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1348","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1348"}],"version-history":[{"count":3,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1348\/revisions"}],"predecessor-version":[{"id":1351,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1348\/revisions\/1351"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/414"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1348"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1348"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1348"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}