Boletines de Seguridad Microsoft Julio 2017

Se han publicado las actualizaciones de seguridad Microsoft, tarea realizada cada segundo martes de mes. Como sabes, desde hace algunos meses, ahora se publican parches acumulativos que te permitirán poner al día tus sistemas instalados desde cero, sin que la tarea se torne interminable.

Entre las novedades de este mes, se mitigan 54 vulnerabilidades que afectan sobre Windows, Edge, Internet Explorer, Sharepoint, Office, .NET Framework, Hololens y Exchange.

En concreto, de las 54 actualizaciones, 19 son de nivel crítico, 32 de nivel importante y 3 moderadas. Entre las CVEs publicadas, cuatro eran de dominio público, si bien, de momento no hay constancia de su explotación.

A continuación puedes consultar el detalle de las nuevas vulnerabilidades publicadas y mitigadas con las actualizaciones de Julio 2017:

CVE Severity Title
CVE-2017-8584 Critical HoloLens Remote Code Execution Vulnerability
CVE-2017-8587 Important Windows Explorer Denial of Service Vulnerability
CVE-2017-8602 Important Microsoft Browser Spoofing Vulnerability
CVE-2017-8611 Moderate Microsoft Edge Spoofing Vulnerability
CVE-2017-8463 Critical Windows Explorer Remote Code Execution Vulnerability
CVE-2017-8589 Critical Windows Search Remote Code Execution Vulnerability
CVE-2017-8594 Critical Internet Explorer Memory Corruption Vulnerability
CVE-2017-8595 Critical Scripting Engine Memory Corruption Vulnerability
CVE-2017-8596 Critical Microsoft Edge Memory Corruption Vulnerability
CVE-2017-8598 Critical Scripting Engine Memory Corruption Vulnerability
CVE-2017-8601 Critical Scripting Engine Memory Corruption Vulnerability
CVE-2017-8603 Critical Scripting Engine Memory Corruption Vulnerability
CVE-2017-8604 Critical Scripting Engine Memory Corruption Vulnerability
CVE-2017-8605 Critical Scripting Engine Memory Corruption Vulnerability
CVE-2017-8607 Critical Scripting Engine Memory Corruption Vulnerability
CVE-2017-8608 Critical Scripting Engine Memory Corruption Vulnerability
CVE-2017-8610 Critical Scripting Engine Memory Corruption Vulnerability
CVE-2017-8617 Critical Microsoft Edge Remote Code Execution Vulnerability
CVE-2017-8619 Critical Scripting Engine Memory Corruption Vulnerability
CVE-2017-8606 Critical Scripting Engine Memory Corruption Vulnerability
CVE-2017-8609 Critical Scripting Engine Memory Corruption Vulnerability
CVE-2017-8618 Critical Scripting Engine Memory Corruption Vulnerability
CVE-2017-0243 Important Microsoft Office Remote Code Execution Vulnerability
CVE-2017-8467 Important Win32k Elevation of Privilege Vulnerability
CVE-2017-8486 Important Win32k Information Disclosure Vulnerability
CVE-2017-8495 Important Kerberos SNAME Security Feature Bypass Vulnerability
CVE-2017-8501 Important Microsoft Office Memory Corruption Vulnerability
CVE-2017-8502 Important Microsoft Office Memory Corruption Vulnerability
CVE-2017-8556 Important Microsoft Graphics Component Elevation of Privilege Vulnerability
CVE-2017-8557 Important Windows System Information Console Information Disclosure Vulnerability
CVE-2017-8559 Important Microsoft Exchange Cross-Site Scripting Vulnerability
CVE-2017-8560 Important Microsoft Exchange Cross-Site Scripting Vulnerability
CVE-2017-8561 Important Windows Kernel Elevation of Privilege Vulnerability
CVE-2017-8562 Important Windows ALPC Elevation of Privilege Vulnerability
CVE-2017-8563 Important Windows Elevation of Privilege Vulnerability
CVE-2017-8564 Important Windows Kernel Information Disclosure Vulnerability
CVE-2017-8565 Important Windows PowerShell Remote Code Execution Vulnerability
CVE-2017-8566 Important Windows IME Elevation of Privilege Vulnerability
CVE-2017-8569 Important SharePoint Server XSS Vulnerability
CVE-2017-8570 Important Microsoft Office Remote Code Execution Vulnerability
CVE-2017-8573 Important Microsoft Graphics Component Elevation of Privilege Vulnerability
CVE-2017-8574 Important Microsoft Graphics Component Elevation of Privilege Vulnerability
CVE-2017-8577 Important Win32k Elevation of Privilege Vulnerability
CVE-2017-8578 Important Win32k Elevation of Privilege Vulnerability
CVE-2017-8580 Important Win32k Elevation of Privilege Vulnerability
CVE-2017-8581 Important Win32k Elevation of Privilege Vulnerability
CVE-2017-8582 Important Https.sys Information Disclosure Vulnerability
CVE-2017-8585 Important .NET Denial of Service Vulnerability
CVE-2017-8588 Important WordPad Remote Code Execution Vulnerability
CVE-2017-8590 Important Windows CLFS Elevation of Privilege Vulnerability
CVE-2017-8599 Important Microsoft Edge Security Feature Bypass Vulnerability
CVE-2017-8592 Important Microsoft Browser Security Feature Bypass
CVE-2017-0170 Moderate Windows Performance Monitor Information Disclosure Vulnerability
CVE-2017-8621 Moderate Microsoft Exchange Open Redirect Vulnerability

=>Ciberconsejo: Actualiza tus sistemas lo antes posible. Anota en tu agenda esta tarea cada segundo martes de mes.

Deja un comentario

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.