Alert GCSA-14030 - Bollettino di Sicurezza Microsoft Settembre 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-14030
Data: 10 Settembre 2014
Titolo: Bollettino di Sicurezza Microsoft Settembre 2014
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 4 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi Windows
e in altre applicazioni:
MS14-052 Aggiornamento cumulativo per Internet Explorer (2977629)
MS14-053 Vulnerabilita' in .NET Framework (2990931)
MS14-054 Vulnerabilita' in Pianificazione di Windows (2988948)
MS14-055 Vulnerabilita' in in Microsoft Lync Server (2990928)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Internet Explorer
Windows Vista
Windows 7
Windows 8 e Windows 8.1
Windows RT e Windows RT 8.1
Windows Server
Microsoft Lync Server
:: Impatto
Esecuzione di codice in modalita' remota
Acquisizione di privilegi piu' elevati
Denial of Service
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza, agosto 2014
https://technet.microsoft.com/it-it/library/security/ms14-sep
Bollettini Microsoft sulla sicurezza
https://technet.microsoft.com/it-it/library/security/MS14-052
https://technet.microsoft.com/it-it/library/security/MS14-053
https://technet.microsoft.com/it-it/library/security/MS14-054
https://technet.microsoft.com/it-it/library/security/MS14-055
Microsoft Knowledge Base
http://support.microsoft.com/kb/2977629
http://support.microsoft.com/kb/2990931
http://support.microsoft.com/kb/2988948
http://support.microsoft.com/kb/2990928
http://blogs.technet.com/b/msrc/archive/2014/09/09/the-september-2014-security-updates.aspx
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
Security Tracker
http://www.securitytracker.com/id/1030818
http://www.securitytracker.com/id/1030819
http://www.securitytracker.com/id/1030820
http://www.securitytracker.com/id/1030821
SANS ISC Diary
https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+-+September+2014/18627
US-CERT
https://www.us-cert.gov/ncas/current-activity/2014/09/09/Microsoft-Releases-September-2014-Security-Bulletin
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4065
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4070
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4072
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4074
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4082
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4085
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4087
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4088
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4090
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4091
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4092
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4099
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4100
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4104
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4106
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4111
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAlQS0zIACgkQwZxMk2USYEIn0ACgi0sn6soYadPnfU519vu2D0xL
+fwAnix1fahAyeQscdLDIvadf5CjA+hX
=falF
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-14030
Data: 10 Settembre 2014
Titolo: Bollettino di Sicurezza Microsoft Settembre 2014
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 4 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi Windows
e in altre applicazioni:
MS14-052 Aggiornamento cumulativo per Internet Explorer (2977629)
MS14-053 Vulnerabilita' in .NET Framework (2990931)
MS14-054 Vulnerabilita' in Pianificazione di Windows (2988948)
MS14-055 Vulnerabilita' in in Microsoft Lync Server (2990928)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Internet Explorer
Windows Vista
Windows 7
Windows 8 e Windows 8.1
Windows RT e Windows RT 8.1
Windows Server
Microsoft Lync Server
:: Impatto
Esecuzione di codice in modalita' remota
Acquisizione di privilegi piu' elevati
Denial of Service
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza, agosto 2014
https://technet.microsoft.com/it-it/library/security/ms14-sep
Bollettini Microsoft sulla sicurezza
https://technet.microsoft.com/it-it/library/security/MS14-052
https://technet.microsoft.com/it-it/library/security/MS14-053
https://technet.microsoft.com/it-it/library/security/MS14-054
https://technet.microsoft.com/it-it/library/security/MS14-055
Microsoft Knowledge Base
http://support.microsoft.com/kb/2977629
http://support.microsoft.com/kb/2990931
http://support.microsoft.com/kb/2988948
http://support.microsoft.com/kb/2990928
http://blogs.technet.com/b/msrc/archive/2014/09/09/the-september-2014-security-updates.aspx
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
Security Tracker
http://www.securitytracker.com/id/1030818
http://www.securitytracker.com/id/1030819
http://www.securitytracker.com/id/1030820
http://www.securitytracker.com/id/1030821
SANS ISC Diary
https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+-+September+2014/18627
US-CERT
https://www.us-cert.gov/ncas/current-activity/2014/09/09/Microsoft-Releases-September-2014-Security-Bulletin
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4065
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4070
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4071
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4072
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4074
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4082
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4085
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4086
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4087
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4088
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4090
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4091
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4092
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4096
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4099
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4100
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4103
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4104
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4105
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4106
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4108
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4111
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAlQS0zIACgkQwZxMk2USYEIn0ACgi0sn6soYadPnfU519vu2D0xL
+fwAnix1fahAyeQscdLDIvadf5CjA+hX
=falF
-----END PGP SIGNATURE-----