Alert GCSA-15026 - Vulnerabilita' in Google Chrome
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-15026
Data : 23 Luglio 2015
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Google ha rilasciato una nuova versione del browser Chrome che risolve numerose vulnerabilita' presenti del software.
Per una descrizione completa delle vulnerabilita' si rimanda alla sezione 'Riferimenti'.
:: Software interessato
Google Chrome versioni precedenti alla 44.0.2403.89 per Windows, Mac e Linux
:: Impatto
Accesso al sistema
Esecuzione remota di codice arbitrario
Rivelazione di informazioni utente, di autenticazione, di sistema
Modifica di informazioni utente e di sistema
:: Soluzioni
Aggiornare Google Chrome all'ultima versione
L'aggiornamento sara' automatico per tutte le installazioni in cui non sia stato disattivata l'opzione 'aggiornamento automatico'.
Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Security Tracker
http://www.securitytracker.com/id/1033031
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1271
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1272
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1273
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1274
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1276
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1280
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1281
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1284
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1288
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1289
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5605
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFVsLtewZxMk2USYEIRAh6VAKC3k0D4kspmUfLRTPbiIdSC/7glegCfUEvv
b7xqNOwNP0Ax297XpEkG050=
=Hm3P
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-15026
Data : 23 Luglio 2015
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Google ha rilasciato una nuova versione del browser Chrome che risolve numerose vulnerabilita' presenti del software.
Per una descrizione completa delle vulnerabilita' si rimanda alla sezione 'Riferimenti'.
:: Software interessato
Google Chrome versioni precedenti alla 44.0.2403.89 per Windows, Mac e Linux
:: Impatto
Accesso al sistema
Esecuzione remota di codice arbitrario
Rivelazione di informazioni utente, di autenticazione, di sistema
Modifica di informazioni utente e di sistema
:: Soluzioni
Aggiornare Google Chrome all'ultima versione
L'aggiornamento sara' automatico per tutte le installazioni in cui non sia stato disattivata l'opzione 'aggiornamento automatico'.
Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
Security Tracker
http://www.securitytracker.com/id/1033031
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1270
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1271
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1272
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1273
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1274
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1276
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1280
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1281
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1283
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1284
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1288
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1289
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5605
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFVsLtewZxMk2USYEIRAh6VAKC3k0D4kspmUfLRTPbiIdSC/7glegCfUEvv
b7xqNOwNP0Ax297XpEkG050=
=Hm3P
-----END PGP SIGNATURE-----