{"id":3812,"date":"2024-06-13T11:00:22","date_gmt":"2024-06-13T16:00:22","guid":{"rendered":"https:\/\/cert.pa\/?p=3812"},"modified":"2025-03-31T15:14:04","modified_gmt":"2025-03-31T20:14:04","slug":"csirt-panama-aviso-2024-06-13-microsoft-actualizaciones-de-seguridad-de-microsoft-de-junio-de-2024","status":"publish","type":"post","link":"https:\/\/cert.pa\/?p=3812","title":{"rendered":"CSIRT Panam\u00e1 Aviso 2024-06-13 Microsoft: Actualizaciones de seguridad de Microsoft de junio de 2024"},"content":{"rendered":"\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p>Gravedad: Alta&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/p>\n\n\n\n<p>Fecha de publicaci\u00f3n: junio 13, 2024<br>\u00daltima revisi\u00f3n: junio 13, 2024<\/p>\n\n\n\n<p>Sitio web: https:\/\/www. microsoft.com<\/p>\n\n\n\n<p>Sistemas Afectados:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Azure Data Science Virtual Machines,<\/li>\n\n\n\n<li>Azure File Sync,<\/li>\n\n\n\n<li>Azure Monitor,<\/li>\n\n\n\n<li>Azure SDK,<\/li>\n\n\n\n<li>Azure Storage Library,<\/li>\n\n\n\n<li>Dynamics Business Central,<\/li>\n\n\n\n<li>Microsoft Dynamics,<\/li>\n\n\n\n<li>Microsoft Office,<\/li>\n\n\n\n<li>Microsoft Office Outlook,<\/li>\n\n\n\n<li>Microsoft Office SharePoint,<\/li>\n\n\n\n<li>Microsoft Office Word,<\/li>\n\n\n\n<li>Microsoft Streaming Service,<\/li>\n\n\n\n<li>Microsoft WDAC OLE DB provider for SQL,<\/li>\n\n\n\n<li>Microsoft Windows Speech,<\/li>\n\n\n\n<li>Visual Studio,<\/li>\n\n\n\n<li>Windows Cloud Files Mini Filter Driver,<\/li>\n\n\n\n<li>Windows Container Manager Service,<\/li>\n\n\n\n<li>Windows Cryptographic Services,<\/li>\n\n\n\n<li>Windows DHCP Server,<\/li>\n\n\n\n<li>Windows Distributed File System (DFS),<\/li>\n\n\n\n<li>Windows Event Logging Service,<\/li>\n\n\n\n<li>Windows Kernel,<\/li>\n\n\n\n<li>Windows Kernel-Mode Drivers,<\/li>\n\n\n\n<li>Windows Link Layer Topology Discovery Protocol,<\/li>\n\n\n\n<li>Windows NT OS Kernel,<\/li>\n\n\n\n<li>Windows Perception Service,<\/li>\n\n\n\n<li>Windows Remote Access Connection Manager,<\/li>\n\n\n\n<li>Windows Routing and Remote Access Service (RRAS),<\/li>\n\n\n\n<li>Windows Server Service,<\/li>\n\n\n\n<li>Windows Standards-Based Storage Management Service,<\/li>\n\n\n\n<li>Windows Storage,<\/li>\n\n\n\n<li>Windows Themes,<\/li>\n\n\n\n<li>Windows Wi-Fi Driver,<\/li>\n\n\n\n<li>Windows Win32 Kernel Subsystem,<\/li>\n\n\n\n<li>Windows Win32K &#8211; GRFX,<\/li>\n\n\n\n<li>Winlogon.<\/li>\n<\/ul>\n<\/div>\n<\/div>\n\n\n\n<ol class=\"wp-block-list\" style=\"list-style-type:upper-roman\">\n<li><strong>Descripci\u00f3n<\/strong><\/li>\n<\/ol>\n\n\n\n<p>Se han publicado la actualizaci\u00f3n de seguridad del software Microsoft con parches para corregir 49 vulnerabilidades (con CVE asignado), calificada 1 como cr\u00edtica, que afecta a Windows Server Service, y el resto divididas entre severidades importantes, moderadas y bajas.<\/p>\n\n\n\n<ol class=\"wp-block-list\" style=\"list-style-type:upper-roman\">\n<li><strong>Impacto<\/strong><\/li>\n<\/ol>\n\n\n\n<p>La vulnerabilidad de severidad cr\u00edtica publicada se corresponde con el siguiente tipo:<\/p>\n\n\n\n<p><strong>Ejecuci\u00f3n remota de c\u00f3digo &#8211; CVE-2024-30080:<\/strong><\/p>\n\n\n\n<p>La vulnerabilidad cr\u00edtica afecta a Windows Server Service y consiste en una ejecuci\u00f3n remota de c\u00f3digo.<\/p>\n\n\n\n<p><strong>ZDI ha publicado un aviso en su web notificando una vulnerabilidad 0day<\/strong> <strong>de divulgaci\u00f3n de informaci\u00f3n<\/strong> <strong>en la asignaci\u00f3n de permisos de Microsoft Windows.<\/strong><\/p>\n\n\n\n<p>Esta vulnerabilidad permite a atacantes locales revelar informaci\u00f3n confidencial o crear una condici\u00f3n de denegaci\u00f3n de servicio en las instalaciones afectadas de Microsoft Windows. El comportamiento vulnerable se produce solo en determinadas configuraciones de hardware.<\/p>\n\n\n\n<ol class=\"wp-block-list\" style=\"list-style-type:upper-roman\">\n<li><strong>Referencia a soluciones, herramientas e informaci\u00f3n<\/strong><\/li>\n<\/ol>\n\n\n\n<p>Aplicar la actualizaci\u00f3n de seguridad correspondiente. En el sitio oficial de Microsoft se informa de los distintos m\u00e9todos para llevar a cabo dichas actualizaciones.<\/p>\n\n\n\n<p>Enlace: <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/releaseNote\/2024-Jun\">https:\/\/msrc.microsoft.com\/update-guide\/releaseNote\/2024-Jun<\/a><\/p>\n\n\n\n<p>Gu\u00eda de Actualizaciones: <a href=\"https:\/\/msrc.microsoft.com\/update-guide\">https:\/\/msrc.microsoft.com\/update-guide<\/a><\/p>\n\n\n\n<p>Vulnerabilidad 0 Day de divulgaci\u00f3n de informaci\u00f3n: https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-24-598\/<\/p>\n\n\n\n<p><strong>Fuentes:<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Instituto Nacional de Ciberseguridad, INCIBE. Avisos Seguridad Actualizaciones de seguridad de Microsoft de junio de 2024. 12 de junio del 2024. Recopilado en https:\/\/www.incibe.es\/incibe-cert\/alerta-temprana\/avisos\/actualizaciones-de-seguridad-de-microsoft-de-junio-de-2024<\/li>\n\n\n\n<li>CSIRT CHILE.\u00a0 11 de junio del 2024. Microsoft Patch Tuesday 2024 Junio &#8211; Vulnerabilidades. Recopilado en: https:\/\/csirt.gob.cl\/alertas\/vsa24-01025\/<\/li>\n<\/ol>\n\n\n\n<p><strong>Informaci\u00f3n de contacto<\/strong><br>CSIRT PANAMA<br>Computer Security Incident Response Team Autoridad Nacional para la Innovacion Gubernamental<br>E-Mail: info@cert.pa<br>Phone: +507 520-CERT (2378)<br>Web: https:\/\/cert.pa<br>Twitter: @CSIRTPanama<br>Key ID: 16F2B124<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Gravedad: Alta&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Fecha de publicaci\u00f3n: junio 13, 2024\u00daltima revisi\u00f3n: junio 13, 2024 Sitio web: https:\/\/www. microsoft.com Sistemas Afectados: Azure Data Science Virtual Machines, Azure File Sync, Azure Monitor, Azure SDK, Azure Storage Library, Dynamics Business&#8230;<\/p>\n","protected":false},"author":4,"featured_media":1847,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_uf_show_specific_survey":0,"_uf_disable_surveys":false,"footnotes":""},"categories":[4],"tags":[76,43,72,9,73,80],"class_list":["post-3812","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-avisos-de-seguridad","tag-actualizaciones","tag-alertas","tag-avisos-de-seguridad","tag-microsoft","tag-parches","tag-vulnerabilidad"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/3812","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3812"}],"version-history":[{"count":2,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/3812\/revisions"}],"predecessor-version":[{"id":4528,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/posts\/3812\/revisions\/4528"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=\/wp\/v2\/media\/1847"}],"wp:attachment":[{"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3812"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3812"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cert.pa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3812"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}