Alert GCSA-09036 - Vulnerabilita' in Microsoft Office PowerPoint
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
**********************************************************************
Alert ID : GCSA-09036
Data : 13 maggio 2009
Titolo : Vulnerabilita' in Microsoft Office PowerPoint (MS09-017)
**********************************************************************
:: Descrizione del problema:
Questo aggiornamento, considerato critico, risolve 14 vulnerabilita'
presenti in Microsoft PowerPoint che potrebbero essere sfruttate
da un attaccante remoto per eseguire codice arbitrario e prendere
il controllo di un sistema affetto.
:: Piattaforme e Software interessati:
Microsoft Office 2000
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2004 for Mac
Microsoft Office 2007
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint
2007 File Formats
Microsoft Office PowerPoint 2007
Microsoft Office PowerPoint Viewer 2003
Microsoft Office PowerPoint Viewer 2007
Microsoft Office XP
Microsoft Open XML File Format Converter for Mac
Microsoft PowerPoint 2000
Microsoft PowerPoint 2002
Microsoft Powerpoint 2003
Microsoft Works 8.x
Microsoft Works 9.x
:: Impatto:
Esecuzione remota di codice arbitrario
Compromissione del sistema
:: Soluzione:
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services.
All'interno del bollettino e' possibile trovare informazioni sulle
eventuali difficolta' scaturite dall'installazione di
questo aggiornamento.
:: Riferimenti:
Microsoft Security Bulletin MS09-0173 - Critical
http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx
ZDI Advisories
http://www.zerodayinitiative.com/advisories/ZDI-09-019
http://www.zerodayinitiative.com/advisories/ZDI-09-020
iDefense Labs
http://labs.idefense.com/news/msft/2009-05-12.php
Security Focus
http://www.securityfocus.com/bid/34833
http://www.securityfocus.com/bid/34835
http://www.securityfocus.com/bid/34831
http://www.securityfocus.com/bid/34834
http://www.securityfocus.com/bid/34879
http://www.securityfocus.com/bid/34880
http://www.securityfocus.com/bid/34881
http://www.securityfocus.com/bid/34882
http://www.securityfocus.com/bid/34351
http://www.securityfocus.com/bid/34837
http://www.securityfocus.com/bid/34839
http://www.securityfocus.com/bid/34840
http://www.securityfocus.com/bid/34841
http://www.securityfocus.com/bid/34876
Secunia: Microsoft Windows Privilege Escalation Vulnerabilities
http://secunia.com/advisories/32428/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0220
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0222
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0225
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0226
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0227
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0556
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1137
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSgqUXPOB+SpikaiRAQJXSwP9HQKcpFIkXvQmdOARiPolVkJzONXP3GE5
oi3abxnJ6QeQc7MdyWK+V+x6Woa3l9qOo8j4nrMbumJ4IFObhfLtL8qWzEs8akKa
uxvW9SOLj0biVQP7/XwhHUMY5/2n8pY7uKV0flkXqaO1+ELv257Kzdbx0TaF+CL2
FJA6QZ/G3Fk=
=I7AQ
-----END PGP SIGNATURE-----
Hash: SHA1
**********************************************************************
Alert ID : GCSA-09036
Data : 13 maggio 2009
Titolo : Vulnerabilita' in Microsoft Office PowerPoint (MS09-017)
**********************************************************************
:: Descrizione del problema:
Questo aggiornamento, considerato critico, risolve 14 vulnerabilita'
presenti in Microsoft PowerPoint che potrebbero essere sfruttate
da un attaccante remoto per eseguire codice arbitrario e prendere
il controllo di un sistema affetto.
:: Piattaforme e Software interessati:
Microsoft Office 2000
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2004 for Mac
Microsoft Office 2007
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint
2007 File Formats
Microsoft Office PowerPoint 2007
Microsoft Office PowerPoint Viewer 2003
Microsoft Office PowerPoint Viewer 2007
Microsoft Office XP
Microsoft Open XML File Format Converter for Mac
Microsoft PowerPoint 2000
Microsoft PowerPoint 2002
Microsoft Powerpoint 2003
Microsoft Works 8.x
Microsoft Works 9.x
:: Impatto:
Esecuzione remota di codice arbitrario
Compromissione del sistema
:: Soluzione:
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services.
All'interno del bollettino e' possibile trovare informazioni sulle
eventuali difficolta' scaturite dall'installazione di
questo aggiornamento.
:: Riferimenti:
Microsoft Security Bulletin MS09-0173 - Critical
http://www.microsoft.com/technet/security/Bulletin/MS09-017.mspx
ZDI Advisories
http://www.zerodayinitiative.com/advisories/ZDI-09-019
http://www.zerodayinitiative.com/advisories/ZDI-09-020
iDefense Labs
http://labs.idefense.com/news/msft/2009-05-12.php
Security Focus
http://www.securityfocus.com/bid/34833
http://www.securityfocus.com/bid/34835
http://www.securityfocus.com/bid/34831
http://www.securityfocus.com/bid/34834
http://www.securityfocus.com/bid/34879
http://www.securityfocus.com/bid/34880
http://www.securityfocus.com/bid/34881
http://www.securityfocus.com/bid/34882
http://www.securityfocus.com/bid/34351
http://www.securityfocus.com/bid/34837
http://www.securityfocus.com/bid/34839
http://www.securityfocus.com/bid/34840
http://www.securityfocus.com/bid/34841
http://www.securityfocus.com/bid/34876
Secunia: Microsoft Windows Privilege Escalation Vulnerabilities
http://secunia.com/advisories/32428/
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0220
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0222
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0225
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0226
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0227
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0556
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1137
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSgqUXPOB+SpikaiRAQJXSwP9HQKcpFIkXvQmdOARiPolVkJzONXP3GE5
oi3abxnJ6QeQc7MdyWK+V+x6Woa3l9qOo8j4nrMbumJ4IFObhfLtL8qWzEs8akKa
uxvW9SOLj0biVQP7/XwhHUMY5/2n8pY7uKV0flkXqaO1+ELv257Kzdbx0TaF+CL2
FJA6QZ/G3Fk=
=I7AQ
-----END PGP SIGNATURE-----