{"id":1437,"date":"2019-07-10T08:57:44","date_gmt":"2019-07-10T13:57:44","guid":{"rendered":"https:\/\/cert.pa\/?p=1437"},"modified":"2019-07-10T08:58:30","modified_gmt":"2019-07-10T13:58:30","slug":"csirt-panama-aviso-2019-07-10-microsoft-libera-sus-actualizaciones-de-seguridad-para-julio","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=1437","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2019-07-10 Microsoft Libera sus actualizaciones de seguridad para Julio"},"content":{"rendered":"\n

CSIRT Panam\u00e1 Aviso 2019-07-10 Microsoft Libera sus actualizaciones de seguridad para Julio
\nGravedad: Alta
\nFecha de publicaci\u00f3n: Julio 10, 2019
\n\u00daltima revisi\u00f3n: Julio 09, 2019
\nhttps:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/releasenotedetail\/48293f19-d662-e911-a98e-000d3a33c573<\/p>\n\n\n\n

Sistemas Afectados:
\nMicrosoft Windows
\nInternet Explorer
\nMicrosoft Edge
\nMicrosoft Office and Microsoft Office Services and Web Apps
\nAzure DevOps
\nOpen Source Software
\n.NET Framework
\nAzure
\nSQL Server
\nASP.NET
\nVisual Studio
\nMicrosoft Exchange Server<\/p>\n\n\n\n

I. Descripci\u00f3n
Microsoft public\u00f3 las siguientes actualizaciones de seguridad y de otra \u00edndole para Office en Julio de 2019.<\/p>\n\n\n\n

II. Problemas Conocidos<\/p>\n\n\n\n
Tag<\/th>CVE ID<\/th>CVE Title<\/th>Severity<\/th><\/tr>
.NET Framework<\/td>CVE-2019-1083<\/a><\/td>.NET Denial of Service Vulnerability<\/td>Important<\/td><\/tr>
.NET Framework<\/td>CVE-2019-1113<\/a><\/td>.NET Framework Remote Code Execution Vulnerability<\/td>Critical<\/td><\/tr>
.NET Framework<\/td>CVE-2019-1006<\/a><\/td>WCF\/WIF SAML Token Authentication Bypass Vulnerability<\/td>Important<\/td><\/tr>
ASP.NET<\/td>CVE-2019-1075<\/a><\/td>ASP.NET Core Spoofing Vulnerability<\/td>Moderate<\/td><\/tr>
Azure<\/td>CVE-2019-0962<\/a><\/td>Azure Automation Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Azure DevOps<\/td>CVE-2019-1076<\/a><\/td>Team Foundation Server Cross-site Scripting Vulnerability<\/td>Important<\/td><\/tr>
Azure DevOps<\/td>CVE-2019-1072<\/a><\/td>Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability<\/td>Critical<\/td><\/tr>
Internet Explorer<\/td>CVE-2019-1063<\/a><\/td>Internet Explorer Memory Corruption Vulnerability<\/td>Critical<\/td><\/tr>
Microsoft Browsers<\/td>CVE-2019-1104<\/a><\/td>Microsoft Browser Memory Corruption Vulnerability<\/td>Critical<\/td><\/tr>
Microsoft Exchange Server<\/td>ADV190021<\/a><\/td>Outlook on the web Cross-Site Scripting Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Exchange Server<\/td>CVE-2019-1136<\/a><\/td>Microsoft Exchange Server Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Exchange Server<\/td>CVE-2019-1137<\/a><\/td>Microsoft Exchange Server Spoofing Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1118<\/a><\/td>DirectWrite Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1119<\/a><\/td>DirectWrite Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1117<\/a><\/td>DirectWrite Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1127<\/a><\/td>DirectWrite Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1116<\/a><\/td>Windows GDI Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1120<\/a><\/td>DirectWrite Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1124<\/a><\/td>DirectWrite Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-0999<\/a><\/td>DirectX Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1128<\/a><\/td>DirectWrite Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1121<\/a><\/td>DirectWrite Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1122<\/a><\/td>DirectWrite Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1123<\/a><\/td>DirectWrite Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1097<\/a><\/td>DirectWrite Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1096<\/a><\/td>Win32k Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1101<\/a><\/td>Windows GDI Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1098<\/a><\/td>Windows GDI Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1095<\/a><\/td>Windows GDI Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1102<\/a><\/td>GDI+ Remote Code Execution Vulnerability<\/td>Critical<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1100<\/a><\/td>Windows GDI Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1094<\/a><\/td>Windows GDI Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Graphics Component<\/td>CVE-2019-1093<\/a><\/td>DirectWrite Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office<\/td>CVE-2019-1084<\/a><\/td>Microsoft Exchange Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office<\/td>CVE-2019-1111<\/a><\/td>Microsoft Excel Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office<\/td>CVE-2019-1110<\/a><\/td>Microsoft Excel Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office<\/td>CVE-2019-1109<\/a><\/td>Microsoft Office Spoofing Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office<\/td>CVE-2019-1112<\/a><\/td>Microsoft Excel Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Office SharePoint<\/td>CVE-2019-1134<\/a><\/td>Microsoft Office SharePoint XSS Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-1062<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-1004<\/a><\/td>Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-1001<\/a><\/td>Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-1059<\/a><\/td>Scripting Engine Memory Corruption Vulnerability<\/td>Moderate<\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-1056<\/a><\/td>Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-1106<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-1092<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-1103<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/td><\/tr>
Microsoft Scripting Engine<\/td>CVE-2019-1107<\/a><\/td>Chakra Scripting Engine Memory Corruption Vulnerability<\/td>Critical<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-1067<\/a><\/td>Windows Kernel Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-1074<\/a><\/td>Microsoft Windows Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-1091<\/a><\/td>Microsoft unistore.dll Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-1082<\/a><\/td>Microsoft Windows Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-0975<\/a><\/td>ADFS Security Feature Bypass Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-1130<\/a><\/td>Windows Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-1129<\/a><\/td>Windows Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-1037<\/a><\/td>Windows Error Reporting Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-0880<\/a><\/td>Microsoft splwow64 Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-0865<\/a><\/td>SymCrypt Denial of Service Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-0785<\/a><\/td>Windows DHCP Server Remote Code Execution Vulnerability<\/td>Critical<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-0887<\/a><\/td>Remote Desktop Services Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-0966<\/a><\/td>Windows Hyper-V Denial of Service Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows<\/td>CVE-2019-1126<\/a><\/td>ADFS Security Feature Bypass Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows DNS<\/td>CVE-2019-1090<\/a><\/td>Windows dnsrlvr.dll Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Microsoft Windows DNS<\/td>CVE-2019-0811<\/a><\/td>Windows DNS Server Denial of Service Vulnerability<\/td>Important<\/td><\/tr>
Open Source Software<\/td>CVE-2018-15664<\/a><\/td>Docker Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Servicing Stack Updates<\/td>ADV990001<\/a><\/td>Latest Servicing Stack Updates<\/td>Critical<\/td><\/tr>
SQL Server<\/td>CVE-2019-1068<\/a><\/td>Microsoft SQL Server Remote Code Execution Vulnerability<\/td>Important<\/td><\/tr>
Visual Studio<\/td>CVE-2019-1077<\/a><\/td>Visual Studio Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Visual Studio<\/td>CVE-2019-1079<\/a><\/td>Visual Studio Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Windows Kernel<\/td>CVE-2019-1073<\/a><\/td>Windows Kernel Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Windows Kernel<\/td>CVE-2019-1132<\/a><\/td>Win32k Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Windows Kernel<\/td>CVE-2019-1071<\/a><\/td>Windows Kernel Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Windows Kernel<\/td>CVE-2019-1089<\/a><\/td>Windows RPCSS Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Windows Media<\/td>CVE-2019-1086<\/a><\/td>Windows Audio Service Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Windows Media<\/td>CVE-2019-1088<\/a><\/td>Windows Audio Service Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Windows Media<\/td>CVE-2019-1087<\/a><\/td>Windows Audio Service Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Windows Media<\/td>CVE-2019-1085<\/a><\/td>Windows WLAN Service Elevation of Privilege Vulnerability<\/td>Important<\/td><\/tr>
Windows RDP<\/td>CVE-2019-1108<\/a><\/td>Remote Desktop Protocol Client Information Disclosure Vulnerability<\/td>Important<\/td><\/tr>
Windows Shell<\/td>CVE-2019-1099<\/a><\/td>Windows GDI Information Disclosure Vulnerability<\/td>Important<\/td><\/tr><\/tbody><\/table>\n\n\n\n

III. Referencia a soluciones, herramientas e informaci\u00f3n
\nActualizar utilizando Windows Update<\/p>\n\n\n\n

IV. Informaci\u00f3n de contacto
\nCSIRT PANAMA
\nComputer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental
\nE-Mail: info@cert.pa
\nPhone: +507 520-CERT (2378)
\nWeb: https:\/\/cert.pa
\nTwitter: @CSIRTPanama
\nFacebook: http:\/\/www.facebook.com\/CSIRTPanama
\nKey ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"

CSIRT Panam\u00e1 Aviso 2019-07-10 Microsoft Libera sus actualizaciones de seguridad para Julio Gravedad: Alta Fecha de publicaci\u00f3n: Julio 10, 2019 \u00daltima revisi\u00f3n: Julio 09, 2019 https:\/\/portal.msrc.microsoft.com\/en-us\/security-guidance\/releasenotedetail\/48293f19-d662-e911-a98e-000d3a33c573 Sistemas Afectados: Microsoft Windows Internet Explorer Microsoft Edge Microsoft…<\/p>\n","protected":false},"author":4,"featured_media":414,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[72,110,92,73,68,45,94],"class_list":["post-1437","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-avisos-de-seguridad","tag-boletines-de-seguridad","tag-office","tag-parches","tag-vulnerabilidades","tag-windows","tag-windows-update"],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1437","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1437"}],"version-history":[{"count":2,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1437\/revisions"}],"predecessor-version":[{"id":1439,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/1437\/revisions\/1439"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/414"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1437"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1437"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1437"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}