Alert GCSA-12001 - Microsoft Security Bullettin January 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12001
Data : 11 Gennaio 2012
Titolo : Microsoft Security Bullettin January 2012
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 7 bollettini di sicurezza
relativi a varie vulnerabilita' presenti nei
sistemi operativi Windows:
MS12-001 Vulnerability in Windows Kernel (2644615)
MS12-002 Vulnerability in Windows Object Packager (2603381)
MS12-003 Vulnerability in Windows Client/Server Run-time Subsystem (2646524)
MS12-004 Vulnerabilities in Windows Media (2636391)
MS12-005 Vulnerability in Windows (2584146)
MS12-006 Vulnerability in SSL/TLS (2643584)
MS12-007 Vulnerability in AntiXSS Library (2607664)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Windows XP
Windows Vista
Windows 7
Windows Server 2003
Windows Server 2008
Windows Server 2008 R2
:: Impatto
Esecuzione remota di codice arbitrario
Acquisizione di privilegi piu' elevati
Rivelazione di Informazioni
Elusione di configurazioni di sicurezza
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Microsoft Security Bulletin Summary for December 2011
http://technet.microsoft.com/security/bulletin/ms12-jan
Microsoft Security Bulletin
http://technet.microsoft.com/it-it/security/bulletin/ms12-001
http://technet.microsoft.com/it-it/security/bulletin/ms12-002
http://technet.microsoft.com/it-it/security/bulletin/ms12-003
http://technet.microsoft.com/it-it/security/bulletin/ms12-004
http://technet.microsoft.com/it-it/security/bulletin/ms12-005
http://technet.microsoft.com/it-it/security/bulletin/ms12-006
http://technet.microsoft.com/it-it/security/bulletin/ms12-007
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0013
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
SANS ISC Diary
http://isc.sans.edu/diary.html?storyid=12361
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTw1XP/OB+SpikaiRAQJD0QQAlfueg/y27suM1oO9wvrXpXC/y/YHrf/G
nze1jTtXkfTeRskdJsVVHI4Spo5Ot6FrQKfv3VT8+ubax5FjFtCmB06/atdQz4L+
eBtN47NoyEP7aVinyjo4VUz4d9RlRgY7xB2QSdbnDyWxk7p13NQSPILNxWdb4NA3
n+1Scu/ThIo=
=hvjo
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12001
Data : 11 Gennaio 2012
Titolo : Microsoft Security Bullettin January 2012
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 7 bollettini di sicurezza
relativi a varie vulnerabilita' presenti nei
sistemi operativi Windows:
MS12-001 Vulnerability in Windows Kernel (2644615)
MS12-002 Vulnerability in Windows Object Packager (2603381)
MS12-003 Vulnerability in Windows Client/Server Run-time Subsystem (2646524)
MS12-004 Vulnerabilities in Windows Media (2636391)
MS12-005 Vulnerability in Windows (2584146)
MS12-006 Vulnerability in SSL/TLS (2643584)
MS12-007 Vulnerability in AntiXSS Library (2607664)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Windows XP
Windows Vista
Windows 7
Windows Server 2003
Windows Server 2008
Windows Server 2008 R2
:: Impatto
Esecuzione remota di codice arbitrario
Acquisizione di privilegi piu' elevati
Rivelazione di Informazioni
Elusione di configurazioni di sicurezza
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Microsoft Security Bulletin Summary for December 2011
http://technet.microsoft.com/security/bulletin/ms12-jan
Microsoft Security Bulletin
http://technet.microsoft.com/it-it/security/bulletin/ms12-001
http://technet.microsoft.com/it-it/security/bulletin/ms12-002
http://technet.microsoft.com/it-it/security/bulletin/ms12-003
http://technet.microsoft.com/it-it/security/bulletin/ms12-004
http://technet.microsoft.com/it-it/security/bulletin/ms12-005
http://technet.microsoft.com/it-it/security/bulletin/ms12-006
http://technet.microsoft.com/it-it/security/bulletin/ms12-007
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0013
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
SANS ISC Diary
http://isc.sans.edu/diary.html?storyid=12361
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTw1XP/OB+SpikaiRAQJD0QQAlfueg/y27suM1oO9wvrXpXC/y/YHrf/G
nze1jTtXkfTeRskdJsVVHI4Spo5Ot6FrQKfv3VT8+ubax5FjFtCmB06/atdQz4L+
eBtN47NoyEP7aVinyjo4VUz4d9RlRgY7xB2QSdbnDyWxk7p13NQSPILNxWdb4NA3
n+1Scu/ThIo=
=hvjo
-----END PGP SIGNATURE-----