Alert GCSA-13053 - Bollettino di Sicurezza Microsoft Dicembre 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-13053
Data : 11 Dicembre 2013
Titolo : Bollettino di Sicurezza Microsoft Dicembre 2013
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 11 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi Windows
e in altre applicazioni:
MS13-096 vulnerabilita' nel componente Microsoft Graphics (2908005)
MS13-097 aggiornamento cumulativo per la protezione di Internet Explorer (2898785)
MS13-098 vulnerabilita' in Windows (2893294)
MS13-099 vulnerabilita' nella libreria oggetti di Microsoft Scripting Runtime (2909158)
MS13-100 vulnerabilita' in Microsoft SharePoint Server (2904244)
MS13-101 vulnerabilita' nei driver in modalita' kernel di Windows (2880430)
MS13-102 vulnerabilita' nel client LRPC (2898715)
MS13-103 vulnerabilita' in ASP.NET SignalR (2905244)
MS13-104 vulnerabilita' in Microsoft Office (2909976)
MS13-105 vulnerabilita' in Microsoft Exchange Server (2915705)
MS13-106 vulnerabilita' nel Microsoft Office Shared Component (2905238)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Microsoft Windows
Microsoft Internet Explorer
Microsoft Office
Microsoft Windows Server
Microsoft Exchange Server
Microsoft SharePoint Server
ASP.NET SignalR
Microsoft Visual Studio
:: Impatto
Esecuzione di codice in modalita' remota
Acquisizione di privilegi piu' elevati
Intercettazione di informazioni personali
Bypass delle funzioni di sicurezza
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza - Dicembre 2013
http://technet.microsoft.com/it-it/security/bulletin/ms13-dec
Bollettini Microsoft sulla sicurezza
http://technet.microsoft.com/it-it/security/bulletin/MS13-096
http://technet.microsoft.com/it-it/security/bulletin/MS13-097
http://technet.microsoft.com/it-it/security/bulletin/MS13-098
http://technet.microsoft.com/it-it/security/bulletin/MS13-099
http://technet.microsoft.com/it-it/security/bulletin/MS13-100
http://technet.microsoft.com/it-it/security/bulletin/MS13-101
http://technet.microsoft.com/it-it/security/bulletin/MS13-102
http://technet.microsoft.com/it-it/security/bulletin/MS13-103
http://technet.microsoft.com/it-it/security/bulletin/MS13-104
http://technet.microsoft.com/it-it/security/bulletin/MS13-105
http://technet.microsoft.com/it-it/security/bulletin/MS13-106
Microsoft Knowledge Base
http://support.microsoft.com/kb/2908005
http://support.microsoft.com/kb/2898785
http://support.microsoft.com/kb/2893294
http://support.microsoft.com/kb/2909158
http://support.microsoft.com/kb/2904244
http://support.microsoft.com/kb/2880430
http://support.microsoft.com/kb/2998715
http://support.microsoft.com/kb/2905238
http://support.microsoft.com/kb/2909976
http://support.microsoft.com/kb/2915705
http://support.microsoft.com/kb/2905238
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3900
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5058
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3878
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5054
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5763
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1330
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5072
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5057
SANS ISC Diary
http://isc.sans.edu/diary.html?storyid=17198
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFSqJqQwZxMk2USYEIRAmC+AJ0Vs4sNoxjcsDsGbdqqSd7iZN3gyQCgsnZk
JBrDQhBbb1yyGHICFnuQLqM=
=ILe+
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-13053
Data : 11 Dicembre 2013
Titolo : Bollettino di Sicurezza Microsoft Dicembre 2013
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 11 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi Windows
e in altre applicazioni:
MS13-096 vulnerabilita' nel componente Microsoft Graphics (2908005)
MS13-097 aggiornamento cumulativo per la protezione di Internet Explorer (2898785)
MS13-098 vulnerabilita' in Windows (2893294)
MS13-099 vulnerabilita' nella libreria oggetti di Microsoft Scripting Runtime (2909158)
MS13-100 vulnerabilita' in Microsoft SharePoint Server (2904244)
MS13-101 vulnerabilita' nei driver in modalita' kernel di Windows (2880430)
MS13-102 vulnerabilita' nel client LRPC (2898715)
MS13-103 vulnerabilita' in ASP.NET SignalR (2905244)
MS13-104 vulnerabilita' in Microsoft Office (2909976)
MS13-105 vulnerabilita' in Microsoft Exchange Server (2915705)
MS13-106 vulnerabilita' nel Microsoft Office Shared Component (2905238)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Microsoft Windows
Microsoft Internet Explorer
Microsoft Office
Microsoft Windows Server
Microsoft Exchange Server
Microsoft SharePoint Server
ASP.NET SignalR
Microsoft Visual Studio
:: Impatto
Esecuzione di codice in modalita' remota
Acquisizione di privilegi piu' elevati
Intercettazione di informazioni personali
Bypass delle funzioni di sicurezza
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza - Dicembre 2013
http://technet.microsoft.com/it-it/security/bulletin/ms13-dec
Bollettini Microsoft sulla sicurezza
http://technet.microsoft.com/it-it/security/bulletin/MS13-096
http://technet.microsoft.com/it-it/security/bulletin/MS13-097
http://technet.microsoft.com/it-it/security/bulletin/MS13-098
http://technet.microsoft.com/it-it/security/bulletin/MS13-099
http://technet.microsoft.com/it-it/security/bulletin/MS13-100
http://technet.microsoft.com/it-it/security/bulletin/MS13-101
http://technet.microsoft.com/it-it/security/bulletin/MS13-102
http://technet.microsoft.com/it-it/security/bulletin/MS13-103
http://technet.microsoft.com/it-it/security/bulletin/MS13-104
http://technet.microsoft.com/it-it/security/bulletin/MS13-105
http://technet.microsoft.com/it-it/security/bulletin/MS13-106
Microsoft Knowledge Base
http://support.microsoft.com/kb/2908005
http://support.microsoft.com/kb/2898785
http://support.microsoft.com/kb/2893294
http://support.microsoft.com/kb/2909158
http://support.microsoft.com/kb/2904244
http://support.microsoft.com/kb/2880430
http://support.microsoft.com/kb/2998715
http://support.microsoft.com/kb/2905238
http://support.microsoft.com/kb/2909976
http://support.microsoft.com/kb/2915705
http://support.microsoft.com/kb/2905238
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3900
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3899
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3903
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5058
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3878
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5054
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5763
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5791
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1330
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5072
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5057
SANS ISC Diary
http://isc.sans.edu/diary.html?storyid=17198
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFSqJqQwZxMk2USYEIRAmC+AJ0Vs4sNoxjcsDsGbdqqSd7iZN3gyQCgsnZk
JBrDQhBbb1yyGHICFnuQLqM=
=ILe+
-----END PGP SIGNATURE-----