{"id":1394,"date":"2019-05-15T09:12:22","date_gmt":"2019-05-15T14:12:22","guid":{"rendered":"https:\/\/cert.pa\/?p=1394"},"modified":"2019-05-15T09:12:22","modified_gmt":"2019-05-15T14:12:22","slug":"csirt-panama-aviso-2019-05-15-microsoft-publica-79-actualizaciones-de-seguridad","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=1394","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2019-05-15 Microsoft publica 79 actualizaciones de seguridad"},"content":{"rendered":"\n

CSIRT Panam\u00e1 Aviso 2019-05-15 Microsoft publica 79 actualizaciones de seguridad
Gravedad: Alta
Fecha de publicaci\u00f3n: Marzo 15, 2019
\u00daltima revisi\u00f3n: Marzo 14, 2019
https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/releasenotedetail\/e5989c8b-7046-e911-a98e-000d3a33a34d<\/p>\n\n\n\n


Sistemas Afectados:
Adobe Flash Player
Microsoft Windows
Internet Explorer
Microsoft Edge
Microsoft Office and Microsoft Office Services and Web Apps
Team Foundation Server
Visual Studio
Azure DevOps Server
SQL Server
.NET Framework
.NET Core
ASP.NET Core
ChakraCore
Online Services
Azure
NuGet
Skype for Android<\/p>\n\n\n\n

I. Descripci\u00f3n
\nEl paquete de actualizaciones para este mes cubre los siguientes puntos:<\/p>\n\n\n\n
Tag<\/th>CVE ID<\/th>CVE Title<\/th>Severity<\/th><\/tr>
.NET Core<\/td>CVE-2019-0982<\/a><\/td>ASP.NET Core Denial of Service Vulnerability<\/td>Important<\/td><\/tr>
.NET Core<\/td>CVE-2019-0981<\/a><\/td>.Net Framework and .Net Core Denial of Service Vulnerability<\/td>Important<\/td><\/tr>
.NET Core<\/td>CVE-2019-0980<\/a><\/td>.Net Framework and .Net Core Denial of Service Vulnerability<\/td>Important<\/td><\/tr>
.NET Framework<\/td>CVE-2019-0864<\/a><\/td>.NET Framework Denial of Service Vulnerability<\/td>Important<\/td><\/tr>
.NET Framework<\/td>CVE-2019-0820<\/a><\/td>.NET Framework and .NET Core Denial of Service Vulnerability<\/td>Important<\/td><\/tr>
Adobe Flash Player<\/td>ADV190012<\/a><\/td>May 2019 Adobe Flash Security Update<\/td>Critical<\/strong><\/td><\/tr>
Azure<\/td>CVE-2019-1000<\/a><\/td>Microsoft Azure AD Connect Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Internet Explorer<\/td>CVE-2019-0929<\/a><\/td>Internet Explorer Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Internet Explorer<\/td>CVE-2019-0995<\/a><\/td>Internet Explorer Security Feature Bypass Vulnerability<\/td>Important<\/td><\/tr>
Internet Explorer<\/td>CVE-2019-0930<\/a><\/td>Internet Explorer Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Internet Explorer<\/td>CVE-2019-0921<\/a><\/td>Internet Explorer Spoofing Vulnerability<\/td>Important<\/td><\/tr>
Kerberos<\/td>CVE-2019-0734<\/a><\/td>Windows Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Browsers<\/td>CVE-2019-0940<\/a><\/td>Microsoft Browser Memory Corruption Vulnerability<\/td>Moderate<\/td><\/tr>
Microsoft Dynamics<\/td>CVE-2019-1008<\/a><\/td>Microsoft Dynamics On-Premise Security Feature Bypass<\/td>Important<\/td><\/tr>
Microsoft Edge<\/td>CVE-2019-0938<\/a><\/td>Microsoft Edge Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Edge<\/td>CVE-2019-0926<\/a><\/td>Microsoft Edge Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-0892<\/a><\/td>Win32k Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-0961<\/a><\/td>Windows GDI Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-0758<\/a><\/td>Windows GDI Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-0903<\/a><\/td>GDI+ Remote Code Execution Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-0882<\/a><\/td>Windows GDI Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft JET Database Engine<\/td>CVE-2019-0898<\/a><\/td>Jet Database Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft JET Database Engine<\/td>CVE-2019-0895<\/a><\/td>Jet Database Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft JET Database Engine<\/td>CVE-2019-0897<\/a><\/td>Jet Database Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft JET Database Engine<\/td>CVE-2019-0889<\/a><\/td>Jet Database Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft JET Database Engine<\/td>CVE-2019-0890<\/a><\/td>Jet Database Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft JET Database Engine<\/td>CVE-2019-0891<\/a><\/td>Jet Database Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft JET Database Engine<\/td>CVE-2019-0896<\/a><\/td>Jet Database Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft JET Database Engine<\/td>CVE-2019-0893<\/a><\/td>Jet Database Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft JET Database Engine<\/td>CVE-2019-0894<\/a><\/td>Jet Database Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft JET Database Engine<\/td>CVE-2019-0901<\/a><\/td>Jet Database Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft JET Database Engine<\/td>CVE-2019-0899<\/a><\/td>Jet Database Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft JET Database Engine<\/td>CVE-2019-0900<\/a><\/td>Jet Database Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft JET Database Engine<\/td>CVE-2019-0902<\/a><\/td>Jet Database Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office<\/td>CVE-2019-0947<\/a><\/td>Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office<\/td>CVE-2019-0953<\/a><\/td>Microsoft Word Remote Code Execution Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Office<\/td>CVE-2019-0945<\/a><\/td>Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office<\/td>CVE-2019-0946<\/a><\/td>Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office SharePoint<\/td>CVE-2019-0957<\/a><\/td>Microsoft SharePoint Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office SharePoint<\/td>CVE-2019-0956<\/a><\/td>Microsoft SharePoint Server Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office SharePoint<\/td>CVE-2019-0949<\/a><\/td>Microsoft SharePoint Spoofing Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office SharePoint<\/td>CVE-2019-0950<\/a><\/td>Microsoft SharePoint Spoofing Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office SharePoint<\/td>CVE-2019-0952<\/a><\/td>Microsoft SharePoint Server Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office SharePoint<\/td>CVE-2019-0951<\/a><\/td>Microsoft SharePoint Spoofing Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office SharePoint<\/td>CVE-2019-0963<\/a><\/td>Microsoft Office SharePoint XSS Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office SharePoint<\/td>CVE-2019-0958<\/a><\/td>Microsoft SharePoint Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0924<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0923<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0927<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0922<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0884<\/a><\/td>Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0933<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Moderate<\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0925<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0937<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0918<\/a><\/td>Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0913<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0912<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Moderate<\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0911<\/a><\/td>Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0914<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0917<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0916<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-0915<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-0733<\/a><\/td>Windows Defender Application Control Security Feature Bypass Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-0936<\/a><\/td>Windows Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-0886<\/a><\/td>Windows Hyper-V Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-0863<\/a><\/td>Windows Error Reporting Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-0942<\/a><\/td>Unified Write Filter Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>ADV190013<\/a><\/td>Microsoft Guidance to mitigate Microarchitectural Data Sampling vulnerabilities<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-0931<\/a><\/td>Windows Storage Service Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-0885<\/a><\/td>Windows OLE Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
NuGet<\/td>CVE-2019-0976<\/a><\/td>NuGet Package Manager Tampering Vulnerability<\/td>Important<\/td><\/tr>
Servicing Stack Updates<\/td>ADV990001<\/a><\/td>Latest Servicing Stack Updates<\/td>Critical<\/strong><\/td><\/tr>
Skype for Android<\/td>CVE-2019-0932<\/a><\/td>Skype for Android Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
SQL Server<\/td>CVE-2019-0819<\/a><\/td>Microsoft SQL Server Analysis Services Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Team Foundation Server<\/td>CVE-2019-0971<\/a><\/td>Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Team Foundation Server<\/td>CVE-2019-0979<\/a><\/td>Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability<\/td>Important<\/td><\/tr>
Team Foundation Server<\/td>CVE-2019-0872<\/a><\/td>Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability<\/td>Important<\/td><\/tr>
Windows DHCP Server<\/td>CVE-2019-0725<\/a><\/td>Windows DHCP Server Remote Code Execution Vulnerability<\/td>Critical<\/strong><\/td><\/tr>
Windows Diagnostic Hub<\/td>CVE-2019-0727<\/a><\/td>Diagnostic Hub Standard Collector, Visual Studio Standard Collector Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Windows Kernel<\/td>CVE-2019-0881<\/a><\/td>Windows Kernel Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Windows NDIS<\/td>CVE-2019-0707<\/a><\/td>Windows NDIS Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Windows RDP<\/td>CVE-2019-0708<\/a><\/td>Remote Desktop Services Remote Code Execution Vulnerabilit<\/td>Critical<\/strong><\/td><\/tr><\/tbody><\/table>\n\n\n\n

II. Referencia a soluciones, herramientas e informaci\u00f3n
\nSe recomienda actualizar los equipos utilizando windows update.<\/p>\n\n\n\n

III. Informaci\u00f3n de contacto
\n CSIRT PANAMA
\n Computer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental
\n E-Mail: info@cert.pa
\n Phone: +507 520-CERT (2378)
\n Web: https:\/\/cert.pa
\n Twitter: @CSIRTPanama
\n Facebook: http:\/\/www.facebook.com\/CSIRTPanama
\n Key ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"

CSIRT Panam\u00e1 Aviso 2019-05-15 Microsoft publica 79 actualizaciones de seguridad Gravedad: Alta Fecha de publicaci\u00f3n: Marzo 15, 2019 \u00daltima revisi\u00f3n: Marzo 14, 2019 https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/releasenotedetail\/e5989c8b-7046-e911-a98e-000d3a33a34d Sistemas Afectados: Adobe Flash Player Microsoft Windows Internet Explorer Microsoft Edge…<\/p>\n","protected":false},"author":5,"featured_media":414,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[76,27,72,9,73,45,94],"class_list":["post-1394","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-actualizaciones","tag-adobe-flash-player","tag-avisos-de-seguridad","tag-microsoft","tag-parches","tag-windows","tag-windows-update"],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1394","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1394"}],"version-history":[{"count":2,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1394\/revisions"}],"predecessor-version":[{"id":1396,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1394\/revisions\/1396"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/414"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1394"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1394"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1394"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}