Fecha de publicación: enero 18, 2021 5:40 pm Nivel de importancia: Alta
Sistemas Afectados
- ASP.NET Core 3.1
- ASP.NET Core 5.0
- Bot Framework SDK for .NET Framework | JavaScript | Python
- Excel Services
- HEVC Video Extensions
- Microsoft 365 Apps for Enterprise (para sistemas 32-bit y 64-bit)
- Microsoft Azure Kubernetes Service
- Microsoft Edge (EdgeHTML-based)
- Microsoft Excel 2010 Service Pack 2 (32-bit y 64-bit) |2013 RT Service Pack 1 | 2013 Service Pack 2 (32-bit y 64-bit) |2016 (32-bit y 64-bit)
- Microsoft Office 2010 Service Pack 2 (32-bit y 64-bit editions) |2013 RT Service Pack 1 |2013 (32-bit y 64-bit editions) |2016 (32-bit y 64-bit editions) |2019 (32-bit y 64-bit editions)|2019 for Mac
- Online Server Web Apps 2010 Service Pack 2 y Web Apps 2013 Service Pack 1
- Microsoft Remote Desktop
- Microsoft Remote Desktop for Android
- Microsoft Security Essentials
- Microsoft SharePoint
- Enterprise Server 2013 Service Pack 1
- Enterprise Server 2016
- Foundation 2010 Service Pack 2 y Foundation 2013 Service Pack 1
- Server 2010 Service Pack 2
- Server 2019
- Microsoft SQL Server
- 2012 for 32-bit Systems Service Pack 4 (QFE)
- 2012 for x64-based Systems Service Pack 4 (QFE)
- 2014 Service Pack 3 for 32-bit Systems (CU 4)
- 2014 Service Pack 3 for 32-bit Systems (GDR)
- 2014 Service Pack 3 for x64-based Systems (CU 4)
- 2014 Service Pack 3 for x64-based Systems (GDR)
- 2016 for x64-based Systems Service Pack 2 (GDR)
- 2016 Service Pack 2 for x64-based Systems (CU 15)
- 2017 for x64-based Systems (CU 22)
- 2017 for x64-based Systems (GDR)
- 2019 for x64-based Systems (CU 8)
- 2019 for x64-based Systems (GDR)
- Microsoft System Center 2012 Endpoint Protection y 2012 R2 Endpoint Protection
- Endpoint Protection
- Microsoft Visual Studio
- 2015 Update 3
- 2017 version 15.9 (includes 15.0 – 15.8)
- 2019 version 16.0
- 2019 version 16.4 (includes 16.0 – 16.3)
- 2019 version 16.7 (includes 16.0 – 16.6)
- 2019 version 16.8
- Microsoft Word
- 2010 Service Pack 2 (32-bit y 64-bit editions)
- 2013 RT Service Pack 1
- 2013 Service Pack 1 (32-bit y 64-bit editions)
- 2016 (32-bit y 64-bit editions)
- Remote Desktop client for Windows Desktop
- Windows 10 (32-bit y 64-bit)
- Version 1607, 1803, 1809, 1909, 2004, 20H2, para 32 bit, 64 bit y ARM64-based
- Windows 7
- 32-bit Systems Service Pack 1
- x64-based Systems Service Pack 1
- Windows 8.1
- 32-bit systems
- x64-based systems
- Windows Defender
- Windows RT 8.1
- Windows Server 2008
- 32-bit Systems Service Pack 2
- 32-bit Systems Service Pack 2 (Server Core installation)
- x64-based Systems Service Pack 2
- x64-based Systems Service Pack 2 (Server Core installation)
- R2 for x64-based Systems Service Pack 1
- R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2012
- Server Core installation
- R2 y R2 (Server Core installation)
- Windows Server 2016
- Server Core installation 2016
- Windows Server 2019
- Server Core installation
- Windows Server version 1909-2004 -20H2
Descripción
Microsoft ha publicado actualizaciones que solucionan 26 vulnerabilidades, 02 de las cuales son clasificadas como críticas y 24 importantes. Además, se informan 57 vulnerabilidades adicionales de las cuales 7 de ellas críticas. Estas vulnerabilidades pueden permitir a un ciberatacante la realización de denegación de servicio, elevación de privilegios, acceso a información confidencial o ejecución de código remoto.
Referencia
- CVE-2020-26870
- CVE-2021-1663
- CVE-2021-1707
- CVE-2021-1636
- CVE-2021-1669
- CVE-2021-1708
- CVE-2021-1637
- CVE-2021-1670
- CVE-2021-1711
- CVE-2021-1643
- CVE-2021-1672
- CVE-2021-1713
- CVE-2021-1644
- CVE-2021-1676
- CVE-2021-1714
- CVE-2021-1645
- CVE-2021-1677
- CVE-2021-1715
- CVE-2021-1647
- CVE-2021-1694
- CVE-2021-1716
- CVE-2021-1648
- CVE-2021-1696
- CVE-2021-1725
- CVE-2021-1656
- CVE-2021-1699
Solución
- Se recomienda realizar el proceso de actualización publicado por Microsoft.
- Security Update Guide
Suscríbete a nuestro boletín de alertas
Enlaces de interés
- CNCS e Idoppril suscriben acuerdo en favor de ciberseguridad nacional
- República Dominicana reúne a líderes de los Equipos de Respuesta ante Incidentes Cibernéticos (CSIRT’s) nacionales de América Latina y el Caribe
- Centro de Ciberseguridad presenta Plataforma de Concientización en Ciberseguridad al Infotep
- CNCS e Idoppril suscriben acuerdo en favor de ciberseguridad nacional
- República Dominicana reúne a líderes de los Equipos de Respuesta ante Incidentes Cibernéticos (CSIRT’s) nacionales de América Latina y el Caribe
- Centro de Ciberseguridad presenta Plataforma de Concientización en Ciberseguridad al Infotep
Siguenos
Este sitio web utiliza Cookies para garantizar la mejor experiencia del usuario. Si continúas utilizando este sitio asumiremos que estás de acuerdo. Leer más acerca del uso de Cookies.AceptarRechazar Leer más
Privacidad y Políticas de cookies
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.