Alert - CGSA-10036 MS10-018 Aggiornamento cumulativo per Internet
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-10036
Data : 02 Aprile 2010
Titolo : MS10-018 Aggiornamento cumulativo per Internet Explorer
(980182)
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato un aggiornamento di sicurezza cumulativo
per risolvere varie vulnerabilita' presenti in Microsoft Internet
Explorer.
:: Software interessato
Microsoft Internet Explorer 5.x
Microsoft Internet Explorer 6.x
Microsoft Internet Explorer 7.x
Microsoft Internet Explorer 8.x
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 3
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition Service Pack 2
Microsoft Windows Vista x64 Edition Service Pack 2
Microsoft Windows Vista x64 Edition Service Pack 1
Microsoft Windows Vista x64 Edition
Microsoft Windows Vista Service Pack 2
Microsoft Windows Vista Service Pack 1
Microsoft Windows Vista
Microsoft Windows Server 2008 R2 (x64)
Microsoft Windows Server 2008 R2 (Itanium)
Microsoft Windows Server 2008 (x64) Service Pack 2
Microsoft Windows Server 2008 (x64)
Microsoft Windows Server 2008 (Itanium) Service Pack 2
Microsoft Windows Server 2008 (Itanium)
Microsoft Windows Server 2008 (32-bit) Service Pack 2
Microsoft Windows Server 2008 (32-bit)
Microsoft Windows Server 2003 x64 Edition Service Pack 2
Microsoft Windows Server 2003 SP2 (Itanium)
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows 7 (x64)
Microsoft Windows 7 (32-bit)
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Attacchi cross-site scripting
Compromissione di sistema
:: Soluzioni
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services.
:: Riferimenti
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/Bulletin/MS10-018.mspx
Microsoft (KB981374):
http://www.microsoft.com/technet/security/advisory/981374.mspx
Security Focus
http://www.securityfocus.com/bid/39023
http://www.securityfocus.com/bid/39028
http://www.securityfocus.com/bid/39026
http://www.securityfocus.com/bid/39031
http://www.securityfocus.com/bid/39027
http://www.securityfocus.com/bid/39030
http://www.securityfocus.com/bid/39047
http://www.securityfocus.com/bid/39025
http://www.securityfocus.com/bid/38615
http://www.securityfocus.com/bid/39024
Vupen Security
http://www.vupen.com/english/advisories/2010/0744
Secunia
http://secunia.com/advisories/38860/
US-CERT Vulnerability Note VU#744549 -
http://www.kb.cert.org/vuls/id/744549
US-CERT Alert
http://www.us-cert.gov/cas/techalerts/TA10-089A.html
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0488
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0489
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0490
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0492
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0807
-----BEGIN PGP SIGNATURE-----
iQCVAwUBS7WmDPOB+SpikaiRAQIXiQP/dGVDAoBRDcU7AWeZbJ3uVszFNjfeNI2G
tpV7sayOvmz223yHnPDpYYvX6JcnU9PGXbx0Z81Lb8DKLazduO5kSDHCmc5sIjHW
AC+lIIvLmjFeGxN84AwbQ9agcFlq8HK7ALs3GqWom2zhl1jsCIuykmufG53Emt5u
MlnzJeZ4ocY=
=XFDQ
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-10036
Data : 02 Aprile 2010
Titolo : MS10-018 Aggiornamento cumulativo per Internet Explorer
(980182)
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato un aggiornamento di sicurezza cumulativo
per risolvere varie vulnerabilita' presenti in Microsoft Internet
Explorer.
:: Software interessato
Microsoft Internet Explorer 5.x
Microsoft Internet Explorer 6.x
Microsoft Internet Explorer 7.x
Microsoft Internet Explorer 8.x
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 3
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition Service Pack 2
Microsoft Windows Vista x64 Edition Service Pack 2
Microsoft Windows Vista x64 Edition Service Pack 1
Microsoft Windows Vista x64 Edition
Microsoft Windows Vista Service Pack 2
Microsoft Windows Vista Service Pack 1
Microsoft Windows Vista
Microsoft Windows Server 2008 R2 (x64)
Microsoft Windows Server 2008 R2 (Itanium)
Microsoft Windows Server 2008 (x64) Service Pack 2
Microsoft Windows Server 2008 (x64)
Microsoft Windows Server 2008 (Itanium) Service Pack 2
Microsoft Windows Server 2008 (Itanium)
Microsoft Windows Server 2008 (32-bit) Service Pack 2
Microsoft Windows Server 2008 (32-bit)
Microsoft Windows Server 2003 x64 Edition Service Pack 2
Microsoft Windows Server 2003 SP2 (Itanium)
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows 7 (x64)
Microsoft Windows 7 (32-bit)
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Attacchi cross-site scripting
Compromissione di sistema
:: Soluzioni
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services.
:: Riferimenti
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/Bulletin/MS10-018.mspx
Microsoft (KB981374):
http://www.microsoft.com/technet/security/advisory/981374.mspx
Security Focus
http://www.securityfocus.com/bid/39023
http://www.securityfocus.com/bid/39028
http://www.securityfocus.com/bid/39026
http://www.securityfocus.com/bid/39031
http://www.securityfocus.com/bid/39027
http://www.securityfocus.com/bid/39030
http://www.securityfocus.com/bid/39047
http://www.securityfocus.com/bid/39025
http://www.securityfocus.com/bid/38615
http://www.securityfocus.com/bid/39024
Vupen Security
http://www.vupen.com/english/advisories/2010/0744
Secunia
http://secunia.com/advisories/38860/
US-CERT Vulnerability Note VU#744549 -
http://www.kb.cert.org/vuls/id/744549
US-CERT Alert
http://www.us-cert.gov/cas/techalerts/TA10-089A.html
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0267
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0488
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0489
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0490
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0491
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0492
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0494
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0807
-----BEGIN PGP SIGNATURE-----
iQCVAwUBS7WmDPOB+SpikaiRAQIXiQP/dGVDAoBRDcU7AWeZbJ3uVszFNjfeNI2G
tpV7sayOvmz223yHnPDpYYvX6JcnU9PGXbx0Z81Lb8DKLazduO5kSDHCmc5sIjHW
AC+lIIvLmjFeGxN84AwbQ9agcFlq8HK7ALs3GqWom2zhl1jsCIuykmufG53Emt5u
MlnzJeZ4ocY=
=XFDQ
-----END PGP SIGNATURE-----