Alert GCSA-16012 - APSB16-04 Aggiornamento di sicurezza per Adobe Flash Player
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-16012
Data: 10 Febbraio 2016
Titolo: APSB16-04 Aggiornamento di sicurezza per Adobe Flash Player
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato un aggiornamento del Flash Player
che risolve numerose vulnerabilita' presenti nel software.
Tali difetti potrebbero consentire ad un aggressore
di prendere il controllo del sistema.
Maggiori dettagli sono disponibili nella segnalazione
ufficiale alla sezione "Riferimenti".
:: Software interessato
Flash Player Desktop Runtime 20.0.0.286 e precedenti per Windows e Macintosh
Flash Player Extended Support Release 18.0.0.326 e precedenti per
Windows e Macintosh
Flash Player per Google Chrome 20.0.0.286 e precedenti per Windows,
Macintosh, Linux e ChromeOS
Flash Player per Microsoft Edge e Internet Explorer 11 20.0.0.272 e
precedenti per Windows 10
Flash Player per Internet Explorer 10 e 11 20.0.0.272 e precedenti per
Windows 8.0 e 8.1
Flash Player per Linux 11.2.202.559 e precedenti per Linux
AIR Desktop Runtime 20.0.0.233 e precedenti per Windows e Macintosh
AIR SDK 20.0.0.233 e precedenti per Windows, Macintosh, Android e iOS
AIR SDK & Compiler 20.0.0.233 e precedenti per Windows, Macintosh,
Android e iOS
Per verificare la versione di Flash Player installata
accedere alla seguente pagina
http://www.adobe.com/products/flash/about/
se si utilizzano piu' browser effettuare il controllo
da ognuno di essi.
:: Impatto
Esecuzione remota di codice arbitrario
Accesso al sistema
:: Soluzioni
Aggiornare a Flash Player (per Internet Explorer) 20.0.0.306 per Windows
e Macintosh
Aggiornare a Flash Player Extended Support 18.0.0.329 per Windows e
Macintosh
Aggiornare a Flash Player 11.2.202.569 per Linux
Aggiornare a AIR 20.0.0.260
http://www.adobe.com/go/getflash
gli utenti Windows possono anche utilizzare la funzione auto-update
presente nel prodotto, quando proposta.
:: Riferimenti
Abobe Security Bulletin
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
Microsoft Security Advisory
https://technet.microsoft.com/en-us/library/security/ms16-022.aspx
SecurityTracker
http://securitytracker.com/id/1034970
http://securitytracker.com/id/1034977
MITRE-CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0964
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0965
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0966
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0967
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0968
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0969
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0970
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0972
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0973
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0979
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0980
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0982
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0984
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0985
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAla7a/gACgkQwZxMk2USYEJRnQCgjxb4LE7dFfxUYaeg/T/Gyfd8
2kgAoI7Jy6+kQQRVZ+FMpOCJrUzQxRTe
=+0qD
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-16012
Data: 10 Febbraio 2016
Titolo: APSB16-04 Aggiornamento di sicurezza per Adobe Flash Player
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato un aggiornamento del Flash Player
che risolve numerose vulnerabilita' presenti nel software.
Tali difetti potrebbero consentire ad un aggressore
di prendere il controllo del sistema.
Maggiori dettagli sono disponibili nella segnalazione
ufficiale alla sezione "Riferimenti".
:: Software interessato
Flash Player Desktop Runtime 20.0.0.286 e precedenti per Windows e Macintosh
Flash Player Extended Support Release 18.0.0.326 e precedenti per
Windows e Macintosh
Flash Player per Google Chrome 20.0.0.286 e precedenti per Windows,
Macintosh, Linux e ChromeOS
Flash Player per Microsoft Edge e Internet Explorer 11 20.0.0.272 e
precedenti per Windows 10
Flash Player per Internet Explorer 10 e 11 20.0.0.272 e precedenti per
Windows 8.0 e 8.1
Flash Player per Linux 11.2.202.559 e precedenti per Linux
AIR Desktop Runtime 20.0.0.233 e precedenti per Windows e Macintosh
AIR SDK 20.0.0.233 e precedenti per Windows, Macintosh, Android e iOS
AIR SDK & Compiler 20.0.0.233 e precedenti per Windows, Macintosh,
Android e iOS
Per verificare la versione di Flash Player installata
accedere alla seguente pagina
http://www.adobe.com/products/flash/about/
se si utilizzano piu' browser effettuare il controllo
da ognuno di essi.
:: Impatto
Esecuzione remota di codice arbitrario
Accesso al sistema
:: Soluzioni
Aggiornare a Flash Player (per Internet Explorer) 20.0.0.306 per Windows
e Macintosh
Aggiornare a Flash Player Extended Support 18.0.0.329 per Windows e
Macintosh
Aggiornare a Flash Player 11.2.202.569 per Linux
Aggiornare a AIR 20.0.0.260
http://www.adobe.com/go/getflash
gli utenti Windows possono anche utilizzare la funzione auto-update
presente nel prodotto, quando proposta.
:: Riferimenti
Abobe Security Bulletin
https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
Microsoft Security Advisory
https://technet.microsoft.com/en-us/library/security/ms16-022.aspx
SecurityTracker
http://securitytracker.com/id/1034970
http://securitytracker.com/id/1034977
MITRE-CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0964
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0965
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0966
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0967
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0968
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0969
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0970
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0972
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0973
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0974
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0977
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0978
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0979
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0980
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0982
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0984
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0985
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAla7a/gACgkQwZxMk2USYEJRnQCgjxb4LE7dFfxUYaeg/T/Gyfd8
2kgAoI7Jy6+kQQRVZ+FMpOCJrUzQxRTe
=+0qD
-----END PGP SIGNATURE-----