Alert GCSA 18100 - Microsoft Security Update Dicembre 2018
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-18100
Data: 14 Dicembre 2018
Titolo: Microsoft Security Update Dicembre 2018
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato vari aggiornamenti mirati a risolvere numerose
vulnerabilita' presenti nei sistemi operativi Windows e in vari software
applicativi.
Maggiori dettagli sono disponibili nella segnalazione ufficiale alla
sezione "Riferimenti".
:: Software interessato
Adobe Flash Player
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
ChakraCore
.NET Framework
Microsoft Dynamics NAV
Microsoft Exchange Server
Microsoft Visual Studio
Windows Azure Pack (WAP)
:: Impatto
Varie possibilita' di attacco remoto per sfruttare alcune delle
vulnerabilita' e ottenere l'accesso al sistema.
:: Soluzioni
Per default l'installazione degli aggiornamenti avviene in maniera
automatica.
Microsoft Security Update Guide
https://portal.msrc.microsoft.com/en-us/security-guidance/
Gli aggiornamenti sono disponibili anche tramite il catalogo di Microsoft
Update https://www.catalog.update.microsoft.com/Home.aspx
:: Riferimenti
Microsoft Security update deployment information
https://support.microsoft.com/en-us/help/20181211/security-update-deployment-information-december-11-2018
Microsoft Dicembre 2018 Security Updates
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/6c54acc6-2ed2-e811-a980-000d3a33a34d
Microsoft Security Update Summary
https://portal.msrc.microsoft.com/en-us/security-guidance/summary
CERT Nazionale
https://www.certnazionale.it/news/2018/12/12/aggiornamenti-di-sicurezza-per-prodotti-microsoft-dicembre-2018/
US-CERT
https://www.us-cert.gov/ncas/current-activity/2018/12/11/Microsoft-Releases-December-2018-Security-Updates
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8477
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8514
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8580
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8595
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8596
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8616
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8621
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8622
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8627
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8637
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8638
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlwTjbEACgkQwZxMk2USYEL7swCfd48fQAXIROQiEBXrcPZZaMsD
jtQAoKiCrci0/rIVnfLDbmNGhlytjbnz
=ix5N
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-18100
Data: 14 Dicembre 2018
Titolo: Microsoft Security Update Dicembre 2018
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato vari aggiornamenti mirati a risolvere numerose
vulnerabilita' presenti nei sistemi operativi Windows e in vari software
applicativi.
Maggiori dettagli sono disponibili nella segnalazione ufficiale alla
sezione "Riferimenti".
:: Software interessato
Adobe Flash Player
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
ChakraCore
.NET Framework
Microsoft Dynamics NAV
Microsoft Exchange Server
Microsoft Visual Studio
Windows Azure Pack (WAP)
:: Impatto
Varie possibilita' di attacco remoto per sfruttare alcune delle
vulnerabilita' e ottenere l'accesso al sistema.
:: Soluzioni
Per default l'installazione degli aggiornamenti avviene in maniera
automatica.
Microsoft Security Update Guide
https://portal.msrc.microsoft.com/en-us/security-guidance/
Gli aggiornamenti sono disponibili anche tramite il catalogo di Microsoft
Update https://www.catalog.update.microsoft.com/Home.aspx
:: Riferimenti
Microsoft Security update deployment information
https://support.microsoft.com/en-us/help/20181211/security-update-deployment-information-december-11-2018
Microsoft Dicembre 2018 Security Updates
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/6c54acc6-2ed2-e811-a980-000d3a33a34d
Microsoft Security Update Summary
https://portal.msrc.microsoft.com/en-us/security-guidance/summary
CERT Nazionale
https://www.certnazionale.it/news/2018/12/12/aggiornamenti-di-sicurezza-per-prodotti-microsoft-dicembre-2018/
US-CERT
https://www.us-cert.gov/ncas/current-activity/2018/12/11/Microsoft-Releases-December-2018-Security-Updates
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8477
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8514
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8580
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8595
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8596
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8598
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8616
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8621
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8622
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8627
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8637
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8638
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlwTjbEACgkQwZxMk2USYEL7swCfd48fQAXIROQiEBXrcPZZaMsD
jtQAoKiCrci0/rIVnfLDbmNGhlytjbnz
=ix5N
-----END PGP SIGNATURE-----