Alert GCSA-16053 - Bollettino di Sicurezza Microsoft Novembre 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-16053
Data: 09 Novembre 2016
Titolo: Bollettino di Sicurezza Microsoft Novembre 2016
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 14 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi Windows
e in varie applicazioni:
MS16-129 Cumulative Security Update for Microsoft Edge (3199057)
MS16-130 Security Update for Microsoft Windows (3199172)
MS16-131 Security Update for Microsoft Video Control (3199151)
MS16-132 Security Update for Microsoft Graphics Component (3199120)
MS16-133 Security Update for Microsoft Office (3199168)
MS16-134 Security Update for Common Log File System Driver (3193706)
MS16-135 Security Update for Windows Kernel-Mode Drivers (3199135)
MS16-136 Security Update for SQL Server (3199641)
MS16-137 Security Update for Windows Authentication Methods (3199173)
MS16-138 Security Update to Microsoft Virtual Hard Disk Driver (3199647)
MS16-139 Security Update for Windows Kernel (3199720)
MS16-140 Security Update for Boot Manager (3193479)
MS16-141 Security Update for Adobe Flash Player (3202790)
MS16-142 Cumulative Security Update for Internet Explorer (3198467)
Maggiori dettagli sono disponibili nelle segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Microsoft Windows
Microsoft Edge
Microsoft Office
Microsoft Office Services and Web Apps
Microsoft SQL Server
Adobe Flash Player
Internet Explorer
:: Impatto
Esecuzione remota di codice arbitrario
Acquisizione di privilegi piu' elevati
Bypass delle funzionalita' di sicurezza
:: Soluzioni
Per default l'installazione degli aggiornamenti
avviene in maniera automatica.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza
https://technet.microsoft.com/library/security/MS16-NOV
Bollettini Microsoft sulla sicurezza
https://technet.microsoft.com/library/security/MS16-129
https://technet.microsoft.com/library/security/MS16-130
https://technet.microsoft.com/library/security/MS16-131
https://technet.microsoft.com/library/security/MS16-132
https://technet.microsoft.com/library/security/MS16-133
https://technet.microsoft.com/library/security/MS16-134
https://technet.microsoft.com/library/security/MS16-135
https://technet.microsoft.com/library/security/MS16-136
https://technet.microsoft.com/library/security/MS16-137
https://technet.microsoft.com/library/security/MS16-138
https://technet.microsoft.com/library/security/MS16-139
https://technet.microsoft.com/library/security/MS16-140
https://technet.microsoft.com/library/security/MS16-141
https://technet.microsoft.com/library/security/MS16-142
Microsoft Knowledge Base
http://support.microsoft.com/kb/3199057
http://support.microsoft.com/kb/3199172
http://support.microsoft.com/kb/3199151
http://support.microsoft.com/kb/3199120
http://support.microsoft.com/kb/3199168
http://support.microsoft.com/kb/3193706
http://support.microsoft.com/kb/3199135
http://support.microsoft.com/kb/3199641
http://support.microsoft.com/kb/3199173
http://support.microsoft.com/kb/3199647
http://support.microsoft.com/kb/3199720
http://support.microsoft.com/kb/3193479
http://support.microsoft.com/kb/3202790
http://support.microsoft.com/kb/3198467
SANS ISC Diary
https://isc.sans.edu/mspatchdays.html?viewday=2016-11-08
Threatpost - Microsoft Patches Zero Day Disclosed by Google
https://threatpost.com/microsoft-patches-zero-day-disclosed-by-google/121851/
I riferimenti CVE sono disponibili nelle segnalazioni originali.
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFYIwEtwZxMk2USYEIRAoDCAJwKRg1bpqOehISRkjQI27lJc+JKAACglQa2
azPJQfiuuaF7VLJIY8D0vqA=
=tp/Y
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-16053
Data: 09 Novembre 2016
Titolo: Bollettino di Sicurezza Microsoft Novembre 2016
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 14 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi Windows
e in varie applicazioni:
MS16-129 Cumulative Security Update for Microsoft Edge (3199057)
MS16-130 Security Update for Microsoft Windows (3199172)
MS16-131 Security Update for Microsoft Video Control (3199151)
MS16-132 Security Update for Microsoft Graphics Component (3199120)
MS16-133 Security Update for Microsoft Office (3199168)
MS16-134 Security Update for Common Log File System Driver (3193706)
MS16-135 Security Update for Windows Kernel-Mode Drivers (3199135)
MS16-136 Security Update for SQL Server (3199641)
MS16-137 Security Update for Windows Authentication Methods (3199173)
MS16-138 Security Update to Microsoft Virtual Hard Disk Driver (3199647)
MS16-139 Security Update for Windows Kernel (3199720)
MS16-140 Security Update for Boot Manager (3193479)
MS16-141 Security Update for Adobe Flash Player (3202790)
MS16-142 Cumulative Security Update for Internet Explorer (3198467)
Maggiori dettagli sono disponibili nelle segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Microsoft Windows
Microsoft Edge
Microsoft Office
Microsoft Office Services and Web Apps
Microsoft SQL Server
Adobe Flash Player
Internet Explorer
:: Impatto
Esecuzione remota di codice arbitrario
Acquisizione di privilegi piu' elevati
Bypass delle funzionalita' di sicurezza
:: Soluzioni
Per default l'installazione degli aggiornamenti
avviene in maniera automatica.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza
https://technet.microsoft.com/library/security/MS16-NOV
Bollettini Microsoft sulla sicurezza
https://technet.microsoft.com/library/security/MS16-129
https://technet.microsoft.com/library/security/MS16-130
https://technet.microsoft.com/library/security/MS16-131
https://technet.microsoft.com/library/security/MS16-132
https://technet.microsoft.com/library/security/MS16-133
https://technet.microsoft.com/library/security/MS16-134
https://technet.microsoft.com/library/security/MS16-135
https://technet.microsoft.com/library/security/MS16-136
https://technet.microsoft.com/library/security/MS16-137
https://technet.microsoft.com/library/security/MS16-138
https://technet.microsoft.com/library/security/MS16-139
https://technet.microsoft.com/library/security/MS16-140
https://technet.microsoft.com/library/security/MS16-141
https://technet.microsoft.com/library/security/MS16-142
Microsoft Knowledge Base
http://support.microsoft.com/kb/3199057
http://support.microsoft.com/kb/3199172
http://support.microsoft.com/kb/3199151
http://support.microsoft.com/kb/3199120
http://support.microsoft.com/kb/3199168
http://support.microsoft.com/kb/3193706
http://support.microsoft.com/kb/3199135
http://support.microsoft.com/kb/3199641
http://support.microsoft.com/kb/3199173
http://support.microsoft.com/kb/3199647
http://support.microsoft.com/kb/3199720
http://support.microsoft.com/kb/3193479
http://support.microsoft.com/kb/3202790
http://support.microsoft.com/kb/3198467
SANS ISC Diary
https://isc.sans.edu/mspatchdays.html?viewday=2016-11-08
Threatpost - Microsoft Patches Zero Day Disclosed by Google
https://threatpost.com/microsoft-patches-zero-day-disclosed-by-google/121851/
I riferimenti CVE sono disponibili nelle segnalazioni originali.
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFYIwEtwZxMk2USYEIRAoDCAJwKRg1bpqOehISRkjQI27lJc+JKAACglQa2
azPJQfiuuaF7VLJIY8D0vqA=
=tp/Y
-----END PGP SIGNATURE-----