Microsoft patches two zero-days in a "massive Patch Tuesday"

Microsoft released 80 security fixes across 15 products and services as part of the company's monthly batch of security updates, known as Patch Tuesday.

Of the 80 patched vulnerabilities, two are zero-days: security flaws that had been exploited before Microsoft released the fixes.

The two zero-days are CVE-2019-1214 and CVE-2019-1215. Both are elevation of privilege (EoP) vulnerabilities. Vulnerabilities of this type are generally exploited by malware to gain the ability to run malicious code with administrator privileges on (previously) infected hosts.

The first bug, CVE-2019-1214, is an EoP in the Windows Common Log File System (CLFS) driver. The second, CVE-2019-1215, affects the ws2ifsl.sys (Winsock) service.

As usual, Microsoft did not reveal any details about how the two bugs were being exploited; it only credited a security researcher from the Qihoo 360 Vulcan team with discovering the first.

Overall, this month's Patch Tuesday is as large as the Patch Tuesday releases of recent months, which have regularly run to more than 70 fixed bugs.

Also, as in recent months, Microsoft patched remote code execution bugs in the Remote Desktop Protocol: CVE-2019-1290 and CVE-2019-1291.

Both bugs were discovered by Microsoft's internal team and, unlike the BlueKeep and DejaBlue vulnerabilities disclosed in May and August, Microsoft did not say whether these two could be abused to create self-propagating malware or exploits.

Non-Microsoft updates

Because Microsoft's Patch Tuesday is also the day on which other vendors release security patches, system administrators may also want to install the patches released today by Adobe and SAP.

| Product | ID | Title |
|---|---|---|
| Adobe Flash Player | ADV190022 | September 2019 Adobe Flash Security Update |
| Servicing Stack Updates | ADV990001 | Latest Servicing Stack Updates |
| .NET Core | CVE-2019-1301 | .NET Core Denial of Service Vulnerability |
| .NET Framework | CVE-2019-1142 | .NET Framework Elevation of Privilege Vulnerability |
| Active Directory | CVE-2019-1273 | Active Directory Federation Services XSS Vulnerability |
| ASP.NET | CVE-2019-1302 | ASP.NET Core Elevation Of Privilege Vulnerability |
| Common Log File System Driver | CVE-2019-1282 | Windows Common Log File System Driver Information Disclosure Vulnerability |
| Common Log File System Driver | CVE-2019-1214 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| Microsoft Browsers | CVE-2019-1220 | Microsoft Browser Security Feature Bypass Vulnerability |
| Microsoft Edge | CVE-2019-1299 | Microsoft Edge based on Edge HTML Information Disclosure Vulnerability |
| Microsoft Exchange Server | CVE-2019-1233 | Microsoft Exchange Denial of Service Vulnerability |
| Microsoft Exchange Server | CVE-2019-1266 | Microsoft Exchange Spoofing Vulnerability |
| Microsoft Graphics Component | CVE-2019-1245 | DirectWrite Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-1252 | Windows GDI Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-1284 | DirectX Elevation of Privilege Vulnerability |
| Microsoft Graphics Component | CVE-2019-1283 | Microsoft Graphics Components Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-1216 | DirectX Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-1286 | Windows GDI Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-1244 | DirectWrite Information Disclosure Vulnerability |
| Microsoft Graphics Component | CVE-2019-1251 | DirectWrite Information Disclosure Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1248 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1246 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1243 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1247 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1241 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1240 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1250 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1249 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft JET Database Engine | CVE-2019-1242 | Jet Database Engine Remote Code Execution Vulnerability |
| Microsoft Office | CVE-2019-1264 | Microsoft Office Security Feature Bypass Vulnerability |
| Microsoft Office | CVE-2019-1263 | Microsoft Excel Information Disclosure Vulnerability |
| Microsoft Office | CVE-2019-1297 | Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft Office SharePoint | CVE-2019-1259 | Microsoft SharePoint Spoofing Vulnerability |
| Microsoft Office SharePoint | CVE-2019-1260 | Microsoft SharePoint Elevation of Privilege Vulnerability |
| Microsoft Office SharePoint | CVE-2019-1295 | Microsoft SharePoint Remote Code Execution Vulnerability |
| Microsoft Office SharePoint | CVE-2019-1257 | Microsoft SharePoint Remote Code Execution Vulnerability |
| Microsoft Office SharePoint | CVE-2019-1296 | Microsoft SharePoint Remote Code Execution Vulnerability |
| Microsoft Office SharePoint | CVE-2019-1262 | Microsoft Office SharePoint XSS Vulnerability |
| Microsoft Office SharePoint | CVE-2019-1261 | Microsoft SharePoint Spoofing Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1298 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1300 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1217 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1208 | VBScript Remote Code Execution Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1138 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1221 | Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1237 | Chakra Scripting Engine Memory Corruption Vulnerability |
| Microsoft Scripting Engine | CVE-2019-1236 | VBScript Remote Code Execution Vulnerability |
| Microsoft Windows | CVE-2019-1219 | Windows Transaction Manager Information Disclosure Vulnerability |
| Microsoft Windows | CVE-2019-1280 | LNK Remote Code Execution Vulnerability |
| Microsoft Windows | CVE-2019-1277 | Windows Audio Service Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1278 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1215 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1289 | Windows Update Delivery Optimization Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1292 | Windows Denial of Service Vulnerability |
| Microsoft Windows | CVE-2019-1294 | Windows Secure Boot Security Feature Bypass Vulnerability |
| Microsoft Windows | CVE-2019-1287 | Windows Network Connectivity Assistant Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1270 | Microsoft Windows Store Installer Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1235 | Windows Text Service Framework Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1271 | Windows Media Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1303 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1272 | Windows ALPC Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1269 | Windows ALPC Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1253 | Windows Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1267 | Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability |
| Microsoft Windows | CVE-2019-1268 | Winlogon Elevation of Privilege Vulnerability |
| Microsoft Yammer | CVE-2019-1265 | Microsoft Yammer Security Feature Bypass Vulnerability |
| Project Rome | CVE-2019-1231 | Rome SDK Information Disclosure Vulnerability |
| Skype for Business and Microsoft Lync | CVE-2019-1209 | Lync 2013 Information Disclosure Vulnerability |
| Team Foundation Server | CVE-2019-1305 | Team Foundation Server Cross-site Scripting Vulnerability |
| Team Foundation Server | CVE-2019-1306 | Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability |
| Visual Studio | CVE-2019-1232 | Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability |
| Windows Hyper-V | CVE-2019-0928 | Windows Hyper-V Denial of Service Vulnerability |
| Windows Hyper-V | CVE-2019-1254 | Windows Hyper-V Information Disclosure Vulnerability |
| Windows Kernel | CVE-2019-1274 | Windows Kernel Information Disclosure Vulnerability |
| Windows Kernel | CVE-2019-1293 | Windows SMB Client Driver Information Disclosure Vulnerability |
| Windows Kernel | CVE-2019-1285 | Win32k Elevation of Privilege Vulnerability |
| Windows Kernel | CVE-2019-1256 | Win32k Elevation of Privilege Vulnerability |
| Windows RDP | CVE-2019-1291 | Remote Desktop Client Remote Code Execution Vulnerability |
| Windows RDP | CVE-2019-1290 | Remote Desktop Client Remote Code Execution Vulnerability |
| Windows RDP | CVE-2019-0788 | Remote Desktop Client Remote Code Execution Vulnerability |
| Windows RDP | CVE-2019-0787 | Remote Desktop Client Remote Code Execution Vulnerability |