Alert GCSA-15001 - Bollettino di Sicurezza Microsoft Gennaio 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-15001
Data: 16 Gennaio 2015
Titolo: Bollettino di Sicurezza Microsoft Gennaio 2015
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 8 bollettini di sicurezza relativi a vulnerabilita' presenti nei sistemi operativi Windows e in altre
applicazioni:
MS15-001 Vulnerabilita' in Windows Application Compatibility Cache(3023266)
MS15-002 Vulnerabilita' in Windows Telnet Service (3020393)
MS15-003 Vulnerabilita' in Windows User Profile Service (3021674)
MS15-004 Vulnerabilita' in Windows Components (3025421)
MS15-005 Vulnerabilita' in Network Location Awarness Service (3022777)
MS15-006 Vulnerabilita' in Windows Error Reporting (3004365)
MS15-007 Vulnerabilita' in Network Policy Server RADIUS (3014029)
MS15-001 Vulnerabilita' in Windows Kernel-Mode Driver (3019215)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali alla sezione "Riferimenti".
:: Software interessato
Windows Server 2003
Windows Vista
Windows Server 2008
Windows Server 2008 R2
Windows 7
Windows 8 and Windows 8.1
Windows Server 2012 and Windows Server 2012 R2 Windows RT and Windows RT 8.1
:: Impatto
Esecuzione di codice in modalita' remota
Accesso utente in modalita' remota
Esposizione e modifica di informazioni utente
Esposizione di informazioni di autenticazione e di sistema
Escalation di privilegi
Security bypass
Denial of Service
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft, oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update, Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza, Gennaio 2015
https://technet.microsoft.com/library/security/ms15-jan
MSRC January 2015 Updates
http://blogs.technet.com/b/msrc/archive/2015/01/13/january-2015-updates.aspx
Bollettini Microsoft sulla sicurezza
https://technet.microsoft.com/it-it/library/security/ms15-001
https://technet.microsoft.com/it-it/library/security/ms15-002
https://technet.microsoft.com/it-it/library/security/ms15-003
https://technet.microsoft.com/it-it/library/security/ms15-004
https://technet.microsoft.com/it-it/library/security/ms15-005
https://technet.microsoft.com/it-it/library/security/ms15-006
https://technet.microsoft.com/it-it/library/security/ms15-007
https://technet.microsoft.com/it-it/library/security/ms15-008
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Security Tracker
http://www.securitytracker.com/id/1031523
http://www.securitytracker.com/id/1031524
http://www.securitytracker.com/id/1031528
http://www.securitytracker.com/id/1031529
http://www.securitytracker.com/id/1031530
http://www.securitytracker.com/id/1031531
http://www.securitytracker.com/id/1031532
Mitre CVE
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0002
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0004
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0006
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0001
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0011
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0014
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0015
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0016
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFUuQwlwZxMk2USYEIRApc0AJ4tVpjnWnxkGW/CGEUvbVVSn0A/3gCgkkpp
bhlQxysWcoP0cy/cqWOFIkk=
=WfuE
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-15001
Data: 16 Gennaio 2015
Titolo: Bollettino di Sicurezza Microsoft Gennaio 2015
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 8 bollettini di sicurezza relativi a vulnerabilita' presenti nei sistemi operativi Windows e in altre
applicazioni:
MS15-001 Vulnerabilita' in Windows Application Compatibility Cache(3023266)
MS15-002 Vulnerabilita' in Windows Telnet Service (3020393)
MS15-003 Vulnerabilita' in Windows User Profile Service (3021674)
MS15-004 Vulnerabilita' in Windows Components (3025421)
MS15-005 Vulnerabilita' in Network Location Awarness Service (3022777)
MS15-006 Vulnerabilita' in Windows Error Reporting (3004365)
MS15-007 Vulnerabilita' in Network Policy Server RADIUS (3014029)
MS15-001 Vulnerabilita' in Windows Kernel-Mode Driver (3019215)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali alla sezione "Riferimenti".
:: Software interessato
Windows Server 2003
Windows Vista
Windows Server 2008
Windows Server 2008 R2
Windows 7
Windows 8 and Windows 8.1
Windows Server 2012 and Windows Server 2012 R2 Windows RT and Windows RT 8.1
:: Impatto
Esecuzione di codice in modalita' remota
Accesso utente in modalita' remota
Esposizione e modifica di informazioni utente
Esposizione di informazioni di autenticazione e di sistema
Escalation di privilegi
Security bypass
Denial of Service
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft, oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update, Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza, Gennaio 2015
https://technet.microsoft.com/library/security/ms15-jan
MSRC January 2015 Updates
http://blogs.technet.com/b/msrc/archive/2015/01/13/january-2015-updates.aspx
Bollettini Microsoft sulla sicurezza
https://technet.microsoft.com/it-it/library/security/ms15-001
https://technet.microsoft.com/it-it/library/security/ms15-002
https://technet.microsoft.com/it-it/library/security/ms15-003
https://technet.microsoft.com/it-it/library/security/ms15-004
https://technet.microsoft.com/it-it/library/security/ms15-005
https://technet.microsoft.com/it-it/library/security/ms15-006
https://technet.microsoft.com/it-it/library/security/ms15-007
https://technet.microsoft.com/it-it/library/security/ms15-008
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Security Tracker
http://www.securitytracker.com/id/1031523
http://www.securitytracker.com/id/1031524
http://www.securitytracker.com/id/1031528
http://www.securitytracker.com/id/1031529
http://www.securitytracker.com/id/1031530
http://www.securitytracker.com/id/1031531
http://www.securitytracker.com/id/1031532
Mitre CVE
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0002
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0004
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0006
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0001
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0011
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0014
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0015
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0016
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFUuQwlwZxMk2USYEIRApc0AJ4tVpjnWnxkGW/CGEUvbVVSn0A/3gCgkkpp
bhlQxysWcoP0cy/cqWOFIkk=
=WfuE
-----END PGP SIGNATURE-----