Tienda Wifi

Tienda Wifi
CiudadWireless es la tienda Wifi recomendada por elhacker.NET

Buscador

Entradas Mensuales

Suscripción

¿Quieres recibir las últimas novedades del blog en tu correo?

¡Suscríbete al feed!

Foro de elhacker.net - Noticias

elhacker.NET en Facebook

Entradas populares

PostHeaderIcon Importantes actualizaciones de seguridad para productos Microsoft y Adobe




Como cada segundo martes de cada mes, llegan las actualizaciones de seguridad de Microsoft, que incluiye la reciente vulnerabilidad BlueBorne. Además de Microsoft, Adobe también es una de las compañías que ha aprovechado para actualizar sus productos, entre los que destaca el complemento Adobe Flash Player.







Vulnerabilidades en Adobe Flash Player

Las vulnerabilidades son del tipo “corrupción de memoria” y pueden permitir a un atacante ejecutar código directamente en la memoria del sistema a través de ellas. Ambas vulnerabilidades han sido registradas con los códigos CVE-2017-11281 y CVE-2017-11282.

Descargar e instalar la nueva versión para Windows, macOS y Linux, versión que, una vez instalada, debería corresponder con la 27.0.0.130.

Descargar Adobe Flash Player Offline Installer


Recordamos que Flash tiene los días contados, y es que la compañía ya ha puesto fecha a la muerte de este obsoleto y peligroso complemento, el 2020.


Vulnerabilidades en Microsoft Windows

Microsoft también ha aprovechado este segundo martes de septiembre para lanzar sus correspondientes parches de seguridad con los que solucionar un total de 82 vulnerabilidades, tanto en Windows como en Internet Explorer y Microsoft Edge, vulnerabilidades que, aunque aún no están siendo explotadas por piratas informáticos, sí pueden llegar a suponer un peligro para los usuarios.

  • Windows 7: soluciona 22 vulnerabilidades, 3 de las cuales son críticas y 19 importantes.
  • Windows 8.1: soluciona 26 vulnerabilidades, 4 de las cuales son críticas y 22 importantes.
  • Windows 10 Creators Update: Soluciona 25 vulnerabilidades, 2 de ellas críticas y 23 importantes.



Los usuarios de Windows 10 recibirán esta nueva versión de Flash directamente a través de Windows Update, como si se tratase de una actualización más de Microsoft, y los usuarios de Google Chrome recibirán la nueva versión del complemento directamente desde el propio navegador sin tener que hacer nada más.



Product

CVE ID CVE Title
.NET Framework CVE-2017-8759 .NET Framework Remote Code Execution Vulnerability
Adobe Flash Player ADV170013 September 2017 Flash Security Update
Device Guard CVE-2017-8746 Device Guard Security Feature Bypass Vulnerability
HoloLens CVE-2017-9417 Broadcom BCM43xx Remote Code Execution Vulnerability
Internet Explorer CVE-2017-8749 Internet Explorer Memory Corruption Vulnerability
Internet Explorer CVE-2017-8747 Internet Explorer Memory Corruption Vulnerability
Internet Explorer CVE-2017-8733 Internet Explorer Spoofing Vulnerability
Microsoft Bluetooth Driver CVE-2017-8628 Microsoft Bluetooth Driver Spoofing Vulnerability
Microsoft Browsers CVE-2017-8736 Microsoft Browser Information Disclosure Vulnerability
Microsoft Browsers CVE-2017-8750 Microsoft Browser Memory Corruption Vulnerability
Microsoft Edge CVE-2017-8757 Microsoft Edge Remote Code Execution Vulnerability
Microsoft Edge CVE-2017-8597 Microsoft Edge Information Disclosure Vulnerability
Microsoft Edge CVE-2017-8723 Microsoft Edge Security Feature Bypass Vulnerability
Microsoft Edge CVE-2017-11766 Microsoft Edge Memory Corruption Vulnerability
Microsoft Edge CVE-2017-8643 Microsoft Edge Information Disclosure Vulnerability
Microsoft Edge CVE-2017-8648 Microsoft Edge Information Disclosure Vulnerability
Microsoft Edge CVE-2017-8735 Microsoft Edge Spoofing Vulnerability
Microsoft Edge CVE-2017-8755 Scripting Engine Memory Corruption Vulnerability
Microsoft Edge CVE-2017-8754 Microsoft Edge Security Feature Bypass Vulnerability
Microsoft Edge CVE-2017-8751 Microsoft Edge Memory Corruption Vulnerability
Microsoft Edge CVE-2017-8734 Microsoft Edge Memory Corruption Vulnerability
Microsoft Edge CVE-2017-8724 Microsoft Edge Spoofing Vulnerability
Microsoft Edge CVE-2017-8731 Microsoft Edge Memory Corruption Vulnerability
Microsoft Edge CVE-2017-8756 Scripting Engine Memory Corruption Vulnerability
Microsoft Exchange Server CVE-2017-11761 Microsoft Exchange Information Disclosure Vulnerability
Microsoft Exchange Server CVE-2017-8758 Microsoft Exchange Cross-Site Scripting Vulnerability
Microsoft Graphics Component CVE-2017-8688 Windows GDI+ Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2017-8685 Windows GDI+ Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2017-8695 Graphics Component Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2017-8683 Win32k Graphics Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2017-8696 Microsoft Graphics Component Remote Code Execution
Microsoft Graphics Component CVE-2017-8684 Windows GDI+ Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2017-8682 Win32k Graphics Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2017-8720 Win32k Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2017-8676 Windows GDI+ Information Disclosure Vulnerability
Microsoft Office CVE-2017-8632 Microsoft Office Memory Corruption Vulnerability
Microsoft Office CVE-2017-8725 Microsoft Office Publisher Remote Code Execution
Microsoft Office CVE-2017-8630 Microsoft Office Memory Corruption Vulnerability
Microsoft Office CVE-2017-8743 PowerPoint Remote Code Execution Vulnerability
Microsoft Office CVE-2017-8742 PowerPoint Remote Code Execution Vulnerability
Microsoft Office CVE-2017-8745 Microsoft SharePoint Cross Site Scripting Vulnerability
Microsoft Office CVE-2017-8744 Microsoft Office Memory Corruption Vulnerability
Microsoft Office CVE-2017-8567 Microsoft Office Remote Code Execution
Microsoft Office ADV170015 Microsoft Office Defense in Depth Update
Microsoft Office CVE-2017-8629 Microsoft SharePoint XSS Vulnerability
Microsoft Office CVE-2017-8631 Microsoft Office Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-8738 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-8729 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-8739 Scripting Engine Information Disclosure Vulnerability
Microsoft Scripting Engine CVE-2017-8740 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-8741 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-8649 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-8660 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-8748 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-11764 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-8752 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2017-8753 Scripting Engine Memory Corruption Vulnerability
Microsoft Uniscribe CVE-2017-8692 Uniscribe Remote Code Execution Vulnerability
Microsoft Windows CVE-2017-8699 Windows Shell Remote Code Execution Vulnerability
Microsoft Windows CVE-2017-8710 Windows Information Disclosure Vulnerability
Microsoft Windows CVE-2017-8716 Windows Security Feature Bypass Vulnerability
Microsoft Windows CVE-2017-8702 Windows Elevation of Privilege Vulnerability
Microsoft Windows PDF CVE-2017-8737 Microsoft PDF Remote Code Execution Vulnerability
Microsoft Windows PDF CVE-2017-8728 Microsoft PDF Remote Code Execution Vulnerability
Windows DHCP Server CVE-2017-8686 Windows DHCP Server Remote Code Execution Vulnerability
Windows Hyper-V CVE-2017-8712 Hyper-V Information Disclosure Vulnerability
Windows Hyper-V CVE-2017-8713 Hyper-V Information Disclosure Vulnerability
Windows Hyper-V CVE-2017-8714 Remote Desktop Virtual Host Remote Code Execution Vulnerability
Windows Hyper-V CVE-2017-8711 Hyper-V Information Disclosure Vulnerability
Windows Hyper-V CVE-2017-8707 Hyper-V Information Disclosure Vulnerability
Windows Hyper-V CVE-2017-8704 Hyper-V Denial of Service Vulnerability
Windows Hyper-V CVE-2017-8706 Hyper-V Information Disclosure Vulnerability
Windows Kernel CVE-2017-8719 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2017-8708 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2017-8679 Windows Kernel Information Disclosure Vulnerability
Windows Kernel CVE-2017-8709 Windows Kernel Information Disclosure Vulnerability
Windows Kernel-Mode Drivers CVE-2017-8687 Win32k Information Disclosure Vulnerability
Windows Kernel-Mode Drivers CVE-2017-8681 Win32k Information Disclosure Vulnerability
Windows Kernel-Mode Drivers CVE-2017-8675 Win32k Elevation of Privilege Vulnerability
Windows Kernel-Mode Drivers CVE-2017-8678 Win32k Information Disclosure Vulnerability
Windows Kernel-Mode Drivers CVE-2017-8677 Win32k Information Disclosure Vulnerability
Windows Kernel-Mode Drivers CVE-2017-8680 Win32k Information Disclosure Vulnerability
Windows NetBIOS CVE-2017-0161 NetBIOS Remote Code Execution Vulnerability


Title CVE
Publicly Disclosed? Exploited? Impact Rating
.NET Framework Remote Code Execution Vulnerability CVE-2017-8759
Not Publicly Disclosed Exploited! Remote Code Execution Important
Broadcom BCM43xx Remote Code Execution Vulnerability CVE-2017-9417
Publicly Disclosed Not Exploited Remote Code Execution Important
Device Guard Security Feature Bypass Vulnerability CVE-2017-8746
Publicly Disclosed Not Exploited Security Feature Bypass Important
Graphics Component Information Disclosure Vulnerability CVE-2017-8695
Not Publicly Disclosed Not Exploited Information Disclosure Important
Hyper-V Denial of Service Vulnerability CVE-2017-8704
Not Publicly Disclosed Not Exploited Denial of Service Important
Hyper-V Information Disclosure Vulnerability CVE-2017-8706
Not Publicly Disclosed Not Exploited Information Disclosure Important
Hyper-V Information Disclosure Vulnerability CVE-2017-8707
Not Publicly Disclosed Not Exploited Information Disclosure Important
Hyper-V Information Disclosure Vulnerability CVE-2017-8711
Not Publicly Disclosed Not Exploited Information Disclosure Important
Hyper-V Information Disclosure Vulnerability CVE-2017-8712
Not Publicly Disclosed Not Exploited Information Disclosure Important
Hyper-V Information Disclosure Vulnerability CVE-2017-8713
Not Publicly Disclosed Not Exploited Information Disclosure Important
Internet Explorer Memory Corruption Vulnerability CVE-2017-8747
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Internet Explorer Memory Corruption Vulnerability CVE-2017-8749
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Internet Explorer Spoofing Vulnerability CVE-2017-8733
Not Publicly Disclosed Not Exploited Spoofing Important
Microsoft Bluetooth Driver Spoofing Vulnerability CVE-2017-8628
Not Publicly Disclosed Not Exploited Spoofing Important
Microsoft Browser Information Disclosure Vulnerability CVE-2017-8736
Not Publicly Disclosed Not Exploited Information Disclosure Important
Microsoft Browser Memory Corruption Vulnerability CVE-2017-8750
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Microsoft Edge Information Disclosure Vulnerability CVE-2017-8597
Not Publicly Disclosed Not Exploited Information Disclosure Important
Microsoft Edge Information Disclosure Vulnerability CVE-2017-8643
Not Publicly Disclosed Not Exploited Information Disclosure Important
Microsoft Edge Information Disclosure Vulnerability CVE-2017-8648
Not Publicly Disclosed Not Exploited Information Disclosure Important
Microsoft Edge Memory Corruption Vulnerability CVE-2017-11766
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Microsoft Edge Memory Corruption Vulnerability CVE-2017-8731
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Microsoft Edge Memory Corruption Vulnerability CVE-2017-8734
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Microsoft Edge Memory Corruption Vulnerability CVE-2017-8751
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Microsoft Edge Remote Code Execution Vulnerability CVE-2017-8757
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Microsoft Edge Security Feature Bypass Vulnerability CVE-2017-8723
Publicly Disclosed Not Exploited Security Feature Bypass Moderate
Microsoft Edge Security Feature Bypass Vulnerability CVE-2017-8754
Not Publicly Disclosed Not Exploited Security Feature Bypass Important
Microsoft Edge Spoofing Vulnerability CVE-2017-8724
Not Publicly Disclosed Not Exploited Spoofing Important
Microsoft Edge Spoofing Vulnerability CVE-2017-8735
Not Publicly Disclosed Not Exploited Spoofing Moderate
Microsoft Exchange Cross-Site Scripting Vulnerability CVE-2017-8758
Not Publicly Disclosed Not Exploited Elevation of Privilege Important
Microsoft Exchange Information Disclosure Vulnerability CVE-2017-11761
Not Publicly Disclosed Not Exploited Information Disclosure Important
Microsoft Graphics Component Remote Code Execution CVE-2017-8696
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Microsoft Office Defense in Depth Update ADV170015
Publicly Disclosed Exploited! Defense in Depth N/A
Microsoft Office Memory Corruption Vulnerability CVE-2017-8630
Not Publicly Disclosed Not Exploited Remote Code Execution Important
Microsoft Office Memory Corruption Vulnerability CVE-2017-8631
Not Publicly Disclosed Not Exploited Remote Code Execution Important
Microsoft Office Memory Corruption Vulnerability CVE-2017-8632
Not Publicly Disclosed Not Exploited Remote Code Execution Important
Microsoft Office Memory Corruption Vulnerability CVE-2017-8744
Not Publicly Disclosed Not Exploited Remote Code Execution Important
Microsoft Office Publisher Remote Code Execution CVE-2017-8725
Not Publicly Disclosed Not Exploited Remote Code Execution Important
Microsoft Office Remote Code Execution CVE-2017-8567
Not Publicly Disclosed Not Exploited Remote Code Execution Important
Microsoft PDF Remote Code Execution Vulnerability CVE-2017-8728
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Microsoft PDF Remote Code Execution Vulnerability CVE-2017-8737
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Microsoft SharePoint Cross Site Scripting Vulnerability CVE-2017-8745
Not Publicly Disclosed Not Exploited Elevation of Privilege Important
Microsoft SharePoint XSS Vulnerability CVE-2017-8629
Not Publicly Disclosed Not Exploited Elevation of Privilege Important
NetBIOS Remote Code Execution Vulnerability CVE-2017-0161
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
PowerPoint Remote Code Execution Vulnerability CVE-2017-8742
Not Publicly Disclosed Not Exploited Remote Code Execution Important
PowerPoint Remote Code Execution Vulnerability CVE-2017-8743
Not Publicly Disclosed Not Exploited Remote Code Execution Important
Remote Desktop Virtual Host Remote Code Execution Vulnerability CVE-2017-8714
Not Publicly Disclosed Not Exploited Remote Code Execution Important
Scripting Engine Information Disclosure Vulnerability CVE-2017-8739
Not Publicly Disclosed Not Exploited Information Disclosure Important
Scripting Engine Memory Corruption Vulnerability CVE-2017-11764
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Scripting Engine Memory Corruption Vulnerability CVE-2017-8649
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Scripting Engine Memory Corruption Vulnerability CVE-2017-8660
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Scripting Engine Memory Corruption Vulnerability CVE-2017-8729
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Scripting Engine Memory Corruption Vulnerability CVE-2017-8738
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Scripting Engine Memory Corruption Vulnerability CVE-2017-8740
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Scripting Engine Memory Corruption Vulnerability CVE-2017-8741
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Scripting Engine Memory Corruption Vulnerability CVE-2017-8748
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Scripting Engine Memory Corruption Vulnerability CVE-2017-8752
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Scripting Engine Memory Corruption Vulnerability CVE-2017-8753
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Scripting Engine Memory Corruption Vulnerability CVE-2017-8755
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Scripting Engine Memory Corruption Vulnerability CVE-2017-8756
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
September 2017 Flash Security Update ADV170013
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Uniscribe Remote Code Execution Vulnerability CVE-2017-8692
Not Publicly Disclosed Not Exploited Remote Code Execution Important
Win32k Elevation of Privilege Vulnerability CVE-2017-8675
Not Publicly Disclosed Not Exploited Elevation of Privilege Important
Win32k Elevation of Privilege Vulnerability CVE-2017-8720
Not Publicly Disclosed Not Exploited Elevation of Privilege Important
Win32k Graphics Information Disclosure Vulnerability CVE-2017-8683
Not Publicly Disclosed Not Exploited Information Disclosure Important
Win32k Graphics Remote Code Execution Vulnerability CVE-2017-8682
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Win32k Information Disclosure Vulnerability CVE-2017-8677
Not Publicly Disclosed Not Exploited Information Disclosure Important
Win32k Information Disclosure Vulnerability CVE-2017-8678
Not Publicly Disclosed Not Exploited Information Disclosure Important
Win32k Information Disclosure Vulnerability CVE-2017-8680
Not Publicly Disclosed Not Exploited Information Disclosure Important
Win32k Information Disclosure Vulnerability CVE-2017-8681
Not Publicly Disclosed Not Exploited Information Disclosure Important
Win32k Information Disclosure Vulnerability CVE-2017-8687
Not Publicly Disclosed Not Exploited Information Disclosure Important
Windows DHCP Server Remote Code Execution Vulnerability CVE-2017-8686
Not Publicly Disclosed Not Exploited Remote Code Execution Critical
Windows Elevation of Privilege Vulnerability CVE-2017-8702
Not Publicly Disclosed Not Exploited Elevation of Privilege Important
Windows GDI+ Information Disclosure Vulnerability CVE-2017-8676
Not Publicly Disclosed Not Exploited Information Disclosure Critical
Windows GDI+ Information Disclosure Vulnerability CVE-2017-8684
Not Publicly Disclosed Not Exploited Information Disclosure Important
Windows GDI+ Information Disclosure Vulnerability CVE-2017-8685
Not Publicly Disclosed Not Exploited Information Disclosure Important
Windows GDI+ Information Disclosure Vulnerability CVE-2017-8688
Not Publicly Disclosed Not Exploited Information Disclosure Important
Windows Information Disclosure Vulnerability CVE-2017-8710
Not Publicly Disclosed Not Exploited Information Disclosure Important
Windows Kernel Information Disclosure Vulnerability CVE-2017-8679
Not Publicly Disclosed Not Exploited Information Disclosure Important
Windows Kernel Information Disclosure Vulnerability CVE-2017-8708
Not Publicly Disclosed Not Exploited Information Disclosure Important
Windows Kernel Information Disclosure Vulnerability CVE-2017-8709
Not Publicly Disclosed Not Exploited Information Disclosure Important
Windows Kernel Information Disclosure Vulnerability CVE-2017-8719
Not Publicly Disclosed Not Exploited Information Disclosure Important
Windows Security Feature Bypass Vulnerability CVE-2017-8716
Not Publicly Disclosed Not Exploited Security Feature Bypass Important
Windows Shell Remote Code Execution Vulnerability CVE-2017-8699
Not Publicly Disclosed Not Exploited Remote Code Execution Important


Fuentes:
https://www.redeszone.net/2017/09/13/actualizacion-adobe-flash-player-septiembre-2017/

0 comentarios :

Publicar un comentario

Los comentarios pueden ser revisados en cualquier momento por los moderadores.

Serán publicados aquellos que cumplan las siguientes condiciones:
- Comentario acorde al contenido del post.
- Prohibido mensajes de tipo SPAM.
- Evite incluir links innecesarios en su comentario.
- Contenidos ofensivos, amenazas e insultos no serán permitidos.

Debe saber que los comentarios de los lectores no reflejan necesariamente la opinión del STAFF.