Alert GCSA-17007 - Apple Security Updates APPLE-SA-2017-01-23
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-17007
Data: 27 Gennaio 2017
Titolo: Apple Security Updates APPLE-SA-2017-01-23
**********************************************************************
:: Descrizione del problema
Apple ha rilasciato aggiornamenti che risolvono vulnerabilità presenti
in Apple macOS, Safari, iTunes for Windows, Apple iOS, tvOS e watchOS:
macOS 10.12.3
Safari 10.0.3
iTunes 12.5.5
iOS 10.2.1
tvOS 10.1.1
watchOS 3.1.3
Per una descrizione completa delle vulnerabilita' consultare
le segnalazioni ufficiali.
:: Software interessato
Apple macOS
Apple Safari
Apple iTunes
Apple iOS
Apple tvOS
Apple watchOS
:: Impatto
condizioni di denial of service
un utente locale può accedere alle password del sistema
by-pass delle restrizioni di sicurezza per utenti locali e remoti
Spoofing di URL
accesso ad informazioni sensibili
:: Soluzioni
Applicare i security update:
http://www.apple.com/support/downloads/
:: Riferimenti
Apple security updates
https://support.apple.com/kb/HT201222
https://support.apple.com/en-us/HT207482
https://support.apple.com/en-us/HT207484
https://support.apple.com/en-us/HT207483
https://support.apple.com/en-us/HT207485
https://support.apple.com/en-us/HT207487
https://support.apple.com/en-us/HT207486
Security Tracker
http://www.securitytracker.com/id/1037668
http://www.securitytracker.com/id/1037675
http://www.securitytracker.com/id/1037669
http://www.securitytracker.com/id/1037671
http://www.securitytracker.com/id/1037679
http://www.securitytracker.com/id/1037681
Security Focus
http://www.securityfocus.com/bid/95723
http://www.securityfocus.com/bid/95722
Mitre CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2350
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2354
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2355
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2356
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2357
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2358
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2359
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2360
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2361
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2362
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2363
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2364
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2365
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2366
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2369
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2371
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2373
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAliLL5gACgkQwZxMk2USYEKL1QCg3JAh0uBFugFtoasjSFWXaRYd
XA8AoIdLDyAqokIyEAtK/Lsku7IV8ihh
=8Wcf
-----END PGP SIGNATURE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-17007
Data: 27 Gennaio 2017
Titolo: Apple Security Updates APPLE-SA-2017-01-23
**********************************************************************
:: Descrizione del problema
Apple ha rilasciato aggiornamenti che risolvono vulnerabilità presenti
in Apple macOS, Safari, iTunes for Windows, Apple iOS, tvOS e watchOS:
macOS 10.12.3
Safari 10.0.3
iTunes 12.5.5
iOS 10.2.1
tvOS 10.1.1
watchOS 3.1.3
Per una descrizione completa delle vulnerabilita' consultare
le segnalazioni ufficiali.
:: Software interessato
Apple macOS
Apple Safari
Apple iTunes
Apple iOS
Apple tvOS
Apple watchOS
:: Impatto
condizioni di denial of service
un utente locale può accedere alle password del sistema
by-pass delle restrizioni di sicurezza per utenti locali e remoti
Spoofing di URL
accesso ad informazioni sensibili
:: Soluzioni
Applicare i security update:
http://www.apple.com/support/downloads/
:: Riferimenti
Apple security updates
https://support.apple.com/kb/HT201222
https://support.apple.com/en-us/HT207482
https://support.apple.com/en-us/HT207484
https://support.apple.com/en-us/HT207483
https://support.apple.com/en-us/HT207485
https://support.apple.com/en-us/HT207487
https://support.apple.com/en-us/HT207486
Security Tracker
http://www.securitytracker.com/id/1037668
http://www.securitytracker.com/id/1037675
http://www.securitytracker.com/id/1037669
http://www.securitytracker.com/id/1037671
http://www.securitytracker.com/id/1037679
http://www.securitytracker.com/id/1037681
Security Focus
http://www.securityfocus.com/bid/95723
http://www.securityfocus.com/bid/95722
Mitre CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2350
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2351
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2352
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2354
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2355
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2356
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2357
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2358
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2359
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2360
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2361
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2362
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2363
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2364
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2365
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2366
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2368
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2369
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2371
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2373
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAliLL5gACgkQwZxMk2USYEKL1QCg3JAh0uBFugFtoasjSFWXaRYd
XA8AoIdLDyAqokIyEAtK/Lsku7IV8ihh
=8Wcf
-----END PGP SIGNATURE-----