{"id":7124,"date":"2024-08-14T12:26:19","date_gmt":"2024-08-14T17:26:19","guid":{"rendered":"https:\/publicacion\/alerta-2024-21-multiples-vulnerabilidades-criticas-en-windows\/"},"modified":"2024-10-21T21:37:45","modified_gmt":"2024-10-22T02:37:45","slug":"2024-21-multiples-vulnerabilidades-criticas-en-windows","status":"publish","type":"publicacion","link":"https:\/\/beaconlab.us\/es\/publicacion\/2024-21-multiples-vulnerabilidades-criticas-en-windows\/","title":{"rendered":"Alerta 2024-21 M\u00faltiples vulnerabilidades cr\u00edticas en Windows"},"content":{"rendered":"<h2>Producto(s) afectado(s):<\/h2>\n<ul>\n<li><span class=\"TextRun SCXW118913516 BCX8\" lang=\"EN-US\" xml:lang=\"EN-US\" data-contrast=\"none\"><span class=\"NormalTextRun SCXW118913516 BCX8\">M<\/span><span class=\"NormalTextRun SCXW118913516 BCX8\">\u00faltiples <\/span><span class=\"NormalTextRun SpellingErrorV2Themed SCXW118913516 BCX8\">productos<\/span><span class=\"NormalTextRun SCXW118913516 BCX8\"> Productos Microsoft<\/span><\/span><span class=\"EOP SCXW118913516 BCX8\" data-ccp-props=\"{}\"> <\/span><\/li>\n<\/ul>\n<h2>Descripci\u00f3n<\/h2>\n<p><span data-contrast=\"none\">ste mes, Microsoft public\u00f3 un parche que corrige 90 nuevas vulnerabilidades que afectan a varios productos, como Windows y sus componentes, Office y Office Components, .NET y Visual Studio, Azure, Co-Pilot, Microsoft Dynamics, Teams y Secure Boot.<\/span><span data-ccp-props=\"{\"> <\/span><\/p>\n<p><span data-contrast=\"none\">De las actualizaciones publicadas, siete est\u00e1n clasificadas como cr\u00edticas, 79 como importantes y una como de gravedad moderada, algunas de ellas con explotaci\u00f3n activa.<\/span><span data-ccp-props=\"{\"> <\/span><span data-ccp-props=\"{\"> <\/span><\/p>\n<p><span data-contrast=\"none\">Puedes consultar la lista completa de CVEs publicada por Microsoft en el siguiente enlace: <\/span><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/releaseNote\/2024-Aug\"><span data-contrast=\"none\">https:\/\/msrc.microsoft.com\/update-guide\/releaseNote\/2024-Aug<\/span><\/a><span data-contrast=\"none\">.<\/span><span data-ccp-props=\"{\"> <\/span><span class=\"NormalTextRun SCXW89699769 BCX8\" data-ccp-parastyle=\"Quote\">).<\/span><\/p>\n<p><span data-contrast=\"none\">A continuaci\u00f3n se destacan algunas de las vulnerabilidades m\u00e1s relevantes:<\/span><span data-ccp-props=\"{\"> <\/span><span data-ccp-props=\"{\"> <\/span><\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"3\" data-list-defn-props=\"{\" aria-setsize=\"-1\" data-aria-posinset=\"1\" data-aria-level=\"1\"><b><span data-contrast=\"none\">CVE-2024-38063<\/span><\/b><span data-contrast=\"none\">Ejecuci\u00f3n remota de c\u00f3digo en Windows TCP\/IP. <\/span>  <span data-ccp-props=\"{\"> <\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"none\">Se trata de una vulnerabilidad RCE cr\u00edtica con una puntuaci\u00f3n CVSSv3 de 9,8, clasificada como \u00abExplotaci\u00f3n m\u00e1s probable\u00bb. Un atacante podr\u00eda explotarla de forma remota enviando paquetes IPv6 especialmente dise\u00f1ados a un host.   <\/span><span data-ccp-props=\"{\"> <\/span><\/p>\n<p><span data-ccp-props=\"{\"> <\/span><\/p>\n<ul>\n<li data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"3\" data-list-defn-props=\"{\" aria-setsize=\"-1\" data-aria-posinset=\"2\" data-aria-level=\"1\"><b><span data-contrast=\"none\">CVE-2024-38140<\/span><\/b><span data-contrast=\"none\">Ejecuci\u00f3n remota de c\u00f3digo en Windows Reliable Multicast Transport Driver (RMCAST). <\/span>  <span data-ccp-props=\"{\"> <\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"none\">Otra vulnerabilidad RCE cr\u00edtica, con una puntuaci\u00f3n CVSSv3 de 9,8. Un atacante no autenticado podr\u00eda aprovecharse de ella enviando paquetes manipulados a un socket de multidifusi\u00f3n general pragm\u00e1tica (PGM) de Windows, sin requerir la interacci\u00f3n del usuario.   <\/span><span data-ccp-props=\"{\"> <\/span><\/p>\n","protected":false},"featured_media":6363,"template":"","class_list":["post-7124","publicacion","type-publicacion","status-publish","has-post-thumbnail","hentry"],"acf":{"activar_pdf_link":true,"pdf":6166,"numero_de_boletin":"","traffic_light_protocol":"Amber"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion\/7124","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion"}],"about":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/types\/publicacion"}],"version-history":[{"count":1,"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion\/7124\/revisions"}],"predecessor-version":[{"id":7786,"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion\/7124\/revisions\/7786"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/media\/6363"}],"wp:attachment":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/media?parent=7124"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}