Alert GCSA-11065 - Vulnerabilita' in Microsoft Office (MS11-072
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11065
Data : 14 Settembre 2011
Titolo : Vulnerabilita' in Microsoft Office (MS11-072 MS11-073
MS11-074)
******************************************************************
:: Descrizione del problema:
E' stato rilasciato da Microsoft un bollettino di sicurezza per
risolvere varie vulnerabilita' presenti in alcune componenti di
Microsoft Office.
Maggiori dettagli sono disponibili nella segnalazione ufficiale
Microsoft nella sezione "Riferimenti".
:: Software interessato:
Microsoft Excel Viewer
Microsoft Office 2003
Microsoft Office 2004 for Mac
Microsoft Office 2007
Microsoft Office 2008 for Mac
Microsoft Office 2010
Microsoft Office for Mac 2011
Microsoft Open XML File Format Converter for Mac
Microsoft Compatibility Pack
Microsoft Office Form Server
Microsoft Sharepoint WorkSpace 2010
Microsoft Windows Sharepoint Services 2.0
Microsoft Windows Sharepoint Services 3.0
Microsoft SharePoint Foundation 2010
Microsoft Office Sharepoint Server 2007
Microsoft Office Sharepoint Server 2010
Microsoft Office Groove 2007
Microsoft Office Groove Data Bridge Server 2007
Microsoft Office Groove Data Bridge Server 2010
Microsoft Office Web Apps 2010
:: Impatto:
Accesso al sistema
Esecuzione di codice arbitrario
Exposure of sensitive information
Acquisizione di privilegi piu' elevati
Compromissione del sistema
:: Soluzioni:
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti:
Microsoft Security Bulletin Summary for Spetember 2011
http://www.microsoft.com/technet/security/bulletin/ms11-sep.mspx
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/Bulletin/MS11-072
http://www.microsoft.com/technet/security/Bulletin/MS11-073
http://www.microsoft.com/technet/security/Bulletin/MS11-074
Secunia
http://secunia.com/advisories/45932/
http://secunia.com/advisories/45020/
http://secunia.com/advisories/46008/
http://secunia.com/advisories/45915/
US-CERT
http://www.us-cert.gov/cas/techalerts/TA11-256A.html
http://www.us-cert.gov/cas/alerts/SA11-256A.html
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0653
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1252
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1980
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1982
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1987
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1989
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1990
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTnCxqPOB+SpikaiRAQLWHQP+IWO0kaJGwKDxUOkOcZWd2mKs7aMts7t7
gf84NDjEE2TYIS5fCiY80aVU/rR3aSBRYrg96fWDmWJGK9u5quYM4Vu71d+1WuGU
fPLquZrf7ep4iVOEk88yf7cV8AOmb6n6oSfiG0NWglzc41glvI0xdnZNkXwWxbMl
KHOIudFoysE=
=XfDO
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11065
Data : 14 Settembre 2011
Titolo : Vulnerabilita' in Microsoft Office (MS11-072 MS11-073
MS11-074)
******************************************************************
:: Descrizione del problema:
E' stato rilasciato da Microsoft un bollettino di sicurezza per
risolvere varie vulnerabilita' presenti in alcune componenti di
Microsoft Office.
Maggiori dettagli sono disponibili nella segnalazione ufficiale
Microsoft nella sezione "Riferimenti".
:: Software interessato:
Microsoft Excel Viewer
Microsoft Office 2003
Microsoft Office 2004 for Mac
Microsoft Office 2007
Microsoft Office 2008 for Mac
Microsoft Office 2010
Microsoft Office for Mac 2011
Microsoft Open XML File Format Converter for Mac
Microsoft Compatibility Pack
Microsoft Office Form Server
Microsoft Sharepoint WorkSpace 2010
Microsoft Windows Sharepoint Services 2.0
Microsoft Windows Sharepoint Services 3.0
Microsoft SharePoint Foundation 2010
Microsoft Office Sharepoint Server 2007
Microsoft Office Sharepoint Server 2010
Microsoft Office Groove 2007
Microsoft Office Groove Data Bridge Server 2007
Microsoft Office Groove Data Bridge Server 2010
Microsoft Office Web Apps 2010
:: Impatto:
Accesso al sistema
Esecuzione di codice arbitrario
Exposure of sensitive information
Acquisizione di privilegi piu' elevati
Compromissione del sistema
:: Soluzioni:
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti:
Microsoft Security Bulletin Summary for Spetember 2011
http://www.microsoft.com/technet/security/bulletin/ms11-sep.mspx
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/Bulletin/MS11-072
http://www.microsoft.com/technet/security/Bulletin/MS11-073
http://www.microsoft.com/technet/security/Bulletin/MS11-074
Secunia
http://secunia.com/advisories/45932/
http://secunia.com/advisories/45020/
http://secunia.com/advisories/46008/
http://secunia.com/advisories/45915/
US-CERT
http://www.us-cert.gov/cas/techalerts/TA11-256A.html
http://www.us-cert.gov/cas/alerts/SA11-256A.html
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0653
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1252
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1892
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1980
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1982
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1986
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1987
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1988
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1989
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1990
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTnCxqPOB+SpikaiRAQLWHQP+IWO0kaJGwKDxUOkOcZWd2mKs7aMts7t7
gf84NDjEE2TYIS5fCiY80aVU/rR3aSBRYrg96fWDmWJGK9u5quYM4Vu71d+1WuGU
fPLquZrf7ep4iVOEk88yf7cV8AOmb6n6oSfiG0NWglzc41glvI0xdnZNkXwWxbMl
KHOIudFoysE=
=XfDO
-----END PGP SIGNATURE-----