ALERT GCSA-14001 - Bollettino di Sicurezza Microsoft Febbraio 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-13056
Data : 12 Febbraio 2014
Titolo : Bollettino di Sicurezza Microsoft Febbraio 2014
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 7 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi Windows
e in altre applicazioni:
MS14-005 Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2916036)
MS14-006 Vulnerability in IPv6 Could Allow Denial of Service (2904659)
MS14-007 Vulnerability in Direct2D Could Allow Remote Code Execution (2912390)
MS14-008 Vulnerability in Microsoft Forefront Protection for Exchange Could Allow Remote Code Execution (2927022)
MS14-009 Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2916607)
MS14-010 Cumulative Security Update for Internet Explorer (2909921)
MS14-011 Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (2928390)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Microsoft Windows
Microsoft Internet Explorer
Microsoft .NET Framework
Microsoft Security Software
:: Impatto
Esecuzione di codice in modalita' remota
Acquisizione di privilegi piu' elevati
Information Disclosure
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza - Febbraio 2014
http://technet.microsoft.com/en-us/security/bulletin/ms14-feb
Bollettini Microsoft sulla sicurezza
http://technet.microsoft.com/it-it/security/bulletin/MS14-005
http://technet.microsoft.com/it-it/security/bulletin/MS14-006
http://technet.microsoft.com/it-it/security/bulletin/MS14-007
http://technet.microsoft.com/it-it/security/bulletin/MS14-008
http://technet.microsoft.com/it-it/security/bulletin/MS14-009
http://technet.microsoft.com/it-it/security/bulletin/MS14-010
http://technet.microsoft.com/it-it/security/bulletin/MS14-011
Microsoft Knowledge Base
http://support.microsoft.com/kb/2916036
http://support.microsoft.com/kb/2904659
http://support.microsoft.com/kb/2912390
http://support.microsoft.com/kb/2927022
http://support.microsoft.com/kb/2916607
http://support.microsoft.com/kb/2909921
http://support.microsoft.com/kb/2928390
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0266
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0254
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0294
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0253
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0257
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0295
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0268
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0270
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0271
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0272
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0273
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0274
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0280
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0281
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0283
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0284
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0288
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0289
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0290
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0293
SANS ISC Diary
http://isc.sans.edu/diary.html?storyid=17615
GARR CERT Newsletter subscribe/unsubscribe:
http://testcert.dir.garr.it/index.php/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlL7VAYACgkQwZxMk2USYEL3LgCdGWdcGqFvwIKJbio1A+BLHQah
kCIAn3TElEqeBpc++C3B8nHmbIPWwxaV
=LTdp
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-13056
Data : 12 Febbraio 2014
Titolo : Bollettino di Sicurezza Microsoft Febbraio 2014
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 7 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi Windows
e in altre applicazioni:
MS14-005 Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2916036)
MS14-006 Vulnerability in IPv6 Could Allow Denial of Service (2904659)
MS14-007 Vulnerability in Direct2D Could Allow Remote Code Execution (2912390)
MS14-008 Vulnerability in Microsoft Forefront Protection for Exchange Could Allow Remote Code Execution (2927022)
MS14-009 Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2916607)
MS14-010 Cumulative Security Update for Internet Explorer (2909921)
MS14-011 Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (2928390)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Microsoft Windows
Microsoft Internet Explorer
Microsoft .NET Framework
Microsoft Security Software
:: Impatto
Esecuzione di codice in modalita' remota
Acquisizione di privilegi piu' elevati
Information Disclosure
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza - Febbraio 2014
http://technet.microsoft.com/en-us/security/bulletin/ms14-feb
Bollettini Microsoft sulla sicurezza
http://technet.microsoft.com/it-it/security/bulletin/MS14-005
http://technet.microsoft.com/it-it/security/bulletin/MS14-006
http://technet.microsoft.com/it-it/security/bulletin/MS14-007
http://technet.microsoft.com/it-it/security/bulletin/MS14-008
http://technet.microsoft.com/it-it/security/bulletin/MS14-009
http://technet.microsoft.com/it-it/security/bulletin/MS14-010
http://technet.microsoft.com/it-it/security/bulletin/MS14-011
Microsoft Knowledge Base
http://support.microsoft.com/kb/2916036
http://support.microsoft.com/kb/2904659
http://support.microsoft.com/kb/2912390
http://support.microsoft.com/kb/2927022
http://support.microsoft.com/kb/2916607
http://support.microsoft.com/kb/2909921
http://support.microsoft.com/kb/2928390
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0266
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0254
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0294
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0253
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0257
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0295
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0268
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0270
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0271
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0272
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0273
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0274
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0276
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0280
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0281
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0283
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0284
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0287
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0288
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0289
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0290
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0293
SANS ISC Diary
http://isc.sans.edu/diary.html?storyid=17615
GARR CERT Newsletter subscribe/unsubscribe:
http://testcert.dir.garr.it/index.php/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlL7VAYACgkQwZxMk2USYEL3LgCdGWdcGqFvwIKJbio1A+BLHQah
kCIAn3TElEqeBpc++C3B8nHmbIPWwxaV
=LTdp
-----END PGP SIGNATURE-----