Alert GCSA-13025 - Bollettino di Sicurezza Microsoft Aprile 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-13025
Data : 11 aprile 2013
Titolo : Bollettino di Sicurezza Microsoft Aprile 2013
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 9 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi e applicazioni
Windows:
MS13-028 Cumulative Security Update for Internet Explorer (2817183)
MS13-029 Vulnerability in Remote Desktop Client Could Allow Remote
Code Execution (2828223)
MS13-030 Vulnerability in SharePoint Could Allow Information
Disclosure (2827663)
MS13-031 Vulnerabilities in Windows Kernel Could Allow Elevation
of Privilege (2813170)
MS13-032 Vulnerability in Active Directory Could Lead to Denial
of Service (2830914)
MS13-033 Vulnerability in Windows Client/Server Run-time Subsystem
(CSRSS) Could Allow Elevation of Privilege (2820917)
MS13-034 Vulnerability in Microsoft Antimalware Client Could Allow
Elevation of Privilege (2823482)
MS13-035 Vulnerability in HTML Sanitization Component Could Allow
Elevation of Privilege (2821818)
MS13-036 Vulnerabilities in Kernel-Mode Driver Could Allow
Elevation Of Privilege (2829996)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Microsoft Windows
Microsoft Internet Explorer
Microsoft Office
Microsoft Server Software
Microsoft Security Software
:: Impatto
Esecuzione di codice in modalita' remota
Acquisizione di privilegi piu' elevati
Elusione della funzione di protezione
Attacco di tipo Denial of Service
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza - Aprile 2013
http://technet.microsoft.com/it-it/security/bulletin/ms13-apr
Bollettini Microsoft sulla sicurezza
http://technet.microsoft.com/it-it/security/bulletin/ms13-028
http://technet.microsoft.com/it-it/security/bulletin/ms13-029
http://technet.microsoft.com/it-it/security/bulletin/ms13-030
http://technet.microsoft.com/it-it/security/bulletin/ms13-031
http://technet.microsoft.com/it-it/security/bulletin/ms13-032
http://technet.microsoft.com/it-it/security/bulletin/ms13-033
http://technet.microsoft.com/it-it/security/bulletin/ms13-034
http://technet.microsoft.com/it-it/security/bulletin/ms13-035
http://technet.microsoft.com/it-it/security/bulletin/ms13-036
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Mitre CVE
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1303
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1304
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1296
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1290
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1284
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1294
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1282
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1295
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0078
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1289
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1283
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1292
SANS ISC Diary
https://isc.sans.edu/diary.html?storyid=15577
US-CERT Alert TA13-100A
http://www.us-cert.gov/ncas/alerts/TA13-100A
GARR CERT Security Alert - subscribe/unsubscribe: http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlFmggIACgkQwZxMk2USYEK1lQCeLR1PE7oLXrDAHkkrn4irxImp
WJwAoLMgeS78APHmBzaXKT3wAQ/OPny3
=U2qj
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-13025
Data : 11 aprile 2013
Titolo : Bollettino di Sicurezza Microsoft Aprile 2013
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 9 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi e applicazioni
Windows:
MS13-028 Cumulative Security Update for Internet Explorer (2817183)
MS13-029 Vulnerability in Remote Desktop Client Could Allow Remote
Code Execution (2828223)
MS13-030 Vulnerability in SharePoint Could Allow Information
Disclosure (2827663)
MS13-031 Vulnerabilities in Windows Kernel Could Allow Elevation
of Privilege (2813170)
MS13-032 Vulnerability in Active Directory Could Lead to Denial
of Service (2830914)
MS13-033 Vulnerability in Windows Client/Server Run-time Subsystem
(CSRSS) Could Allow Elevation of Privilege (2820917)
MS13-034 Vulnerability in Microsoft Antimalware Client Could Allow
Elevation of Privilege (2823482)
MS13-035 Vulnerability in HTML Sanitization Component Could Allow
Elevation of Privilege (2821818)
MS13-036 Vulnerabilities in Kernel-Mode Driver Could Allow
Elevation Of Privilege (2829996)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Microsoft Windows
Microsoft Internet Explorer
Microsoft Office
Microsoft Server Software
Microsoft Security Software
:: Impatto
Esecuzione di codice in modalita' remota
Acquisizione di privilegi piu' elevati
Elusione della funzione di protezione
Attacco di tipo Denial of Service
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza - Aprile 2013
http://technet.microsoft.com/it-it/security/bulletin/ms13-apr
Bollettini Microsoft sulla sicurezza
http://technet.microsoft.com/it-it/security/bulletin/ms13-028
http://technet.microsoft.com/it-it/security/bulletin/ms13-029
http://technet.microsoft.com/it-it/security/bulletin/ms13-030
http://technet.microsoft.com/it-it/security/bulletin/ms13-031
http://technet.microsoft.com/it-it/security/bulletin/ms13-032
http://technet.microsoft.com/it-it/security/bulletin/ms13-033
http://technet.microsoft.com/it-it/security/bulletin/ms13-034
http://technet.microsoft.com/it-it/security/bulletin/ms13-035
http://technet.microsoft.com/it-it/security/bulletin/ms13-036
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Mitre CVE
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1303
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1304
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1296
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1290
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1284
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1294
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1282
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1295
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0078
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1289
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1283
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1292
SANS ISC Diary
https://isc.sans.edu/diary.html?storyid=15577
US-CERT Alert TA13-100A
http://www.us-cert.gov/ncas/alerts/TA13-100A
GARR CERT Security Alert - subscribe/unsubscribe: http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlFmggIACgkQwZxMk2USYEK1lQCeLR1PE7oLXrDAHkkrn4irxImp
WJwAoLMgeS78APHmBzaXKT3wAQ/OPny3
=U2qj
-----END PGP SIGNATURE-----