Alert GCSA-17043 - Apple Security Updates APPLE-SA-2017-07-19
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-17043
Data: 20 Luglio 2017
Titolo: Apple Security Updates APPLE-SA-2017-07-19
**********************************************************************
:: Descrizione del problema
Apple ha rilasciato aggiornamenti che risolvono vulnerabilità presenti
in Apple macOS, Safari, iTunes for Windows, Apple iOS, tvOS e watchOS.
Per una descrizione completa delle vulnerabilita' consultare
le segnalazioni ufficiali.
:: Software interessato
Apple macOS Sierra
Apple Safari
Apple iTunes for Windows
Apple iOS
Apple tvOS
Apple watchOS
Apple iCloud for Windows
:: Impatto
condizioni di denial of service in locale e da remoto
esecuzione di codice arbitrario in locale e da remoto
rilascio di informazioni di autenticazione
rilascio di informazioni utente
rilascio di informazioni di sistema
modifica delle informazioni utente
modifica delle informazioni di sistema
accesso root in locale
accesso utente in locale
accesso utente da remoto
Escalation di privilegi
Spoofing di URL
:: Soluzioni
Applicare i security update:
http://www.apple.com/support/downloads/
:: Riferimenti
Apple security updates
https://support.apple.com/en-us/HT207925
https://support.apple.com/en-us/HT207923
https://support.apple.com/en-us/HT207922
https://support.apple.com/en-us/HT207921
https://support.apple.com/en-us/HT207927
https://support.apple.com/en-us/HT207928
https://support.apple.com/en-us/HT207928
Security Tracker
http://www.securitytracker.com/id/1038950
http://www.securitytracker.com/id/1038951
Mitre CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9594
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2517
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2629
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7012
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7014
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7017
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7018
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7019
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7022
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7024
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7026
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7027
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7028
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7029
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7030
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7032
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7034
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7036
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7037
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7038
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7054
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7055
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7058
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7061
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7067
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9417
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAllwbIsACgkQwZxMk2USYELoUACgjWZ5anQ8NbOUWLKrpBT24dMa
FJoAn0CPi+pSN1x6ZwKT6rWRmdV0izNQ
=fDwA
-----END PGP SIGNATURE-----
Hash: SHA1
**********************************************************************
Alert ID: GCSA-17043
Data: 20 Luglio 2017
Titolo: Apple Security Updates APPLE-SA-2017-07-19
**********************************************************************
:: Descrizione del problema
Apple ha rilasciato aggiornamenti che risolvono vulnerabilità presenti
in Apple macOS, Safari, iTunes for Windows, Apple iOS, tvOS e watchOS.
Per una descrizione completa delle vulnerabilita' consultare
le segnalazioni ufficiali.
:: Software interessato
Apple macOS Sierra
Apple Safari
Apple iTunes for Windows
Apple iOS
Apple tvOS
Apple watchOS
Apple iCloud for Windows
:: Impatto
condizioni di denial of service in locale e da remoto
esecuzione di codice arbitrario in locale e da remoto
rilascio di informazioni di autenticazione
rilascio di informazioni utente
rilascio di informazioni di sistema
modifica delle informazioni utente
modifica delle informazioni di sistema
accesso root in locale
accesso utente in locale
accesso utente da remoto
Escalation di privilegi
Spoofing di URL
:: Soluzioni
Applicare i security update:
http://www.apple.com/support/downloads/
:: Riferimenti
Apple security updates
https://support.apple.com/en-us/HT207925
https://support.apple.com/en-us/HT207923
https://support.apple.com/en-us/HT207922
https://support.apple.com/en-us/HT207921
https://support.apple.com/en-us/HT207927
https://support.apple.com/en-us/HT207928
https://support.apple.com/en-us/HT207928
Security Tracker
http://www.securitytracker.com/id/1038950
http://www.securitytracker.com/id/1038951
Mitre CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9586
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9594
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2517
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2629
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7007
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7012
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7014
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7017
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7018
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7019
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7022
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7024
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7026
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7027
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7028
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7029
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7030
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7032
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7034
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7036
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7037
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7038
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7054
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7055
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7056
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7058
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7061
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7062
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7063
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7064
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7067
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7068
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9417
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAllwbIsACgkQwZxMk2USYELoUACgjWZ5anQ8NbOUWLKrpBT24dMa
FJoAn0CPi+pSN1x6ZwKT6rWRmdV0izNQ
=fDwA
-----END PGP SIGNATURE-----