Alert GCSA-09049 - Vulnerabilita' in Microsoft Office Word (MS09-027)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-09049
Data : 11 giugno 2009
Titolo : Vulnerabilita' in Microsoft Office Word (MS09-027)
******************************************************************
:: Descrizione del problema
Il bolletino di sicurezza Microsoft MS09-027, considerato critico,
risolve due vulnerabilita' presenti Microsoft Word che potrebbero
essere sfruttate da utenti malevoli per compromettere una sistema
vulnerabile.
:: Software interessato
Microsoft Office 2000
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2004 for Mac
Microsoft Office 2007
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, PowerPoint 2007
File Formats
Microsoft Office Word 2007
Microsoft Office Word Viewer
Microsoft Office XP
Microsoft Open XML File Format Converter for Mac
Microsoft Word 2000
Microsoft Word 2002
Microsoft Word 2003
Microsoft Word Viewer 2003
:: Impatto
Compromissione del sistema
:: Soluzioni
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services.
All'interno del bollettino e' possibile trovare informazioni sulle
eventuali difficolta' scaturite dall'installazione di
questo aggiornamento.
:: Riferimenti
Microsoft Security Bulletin MS09-027 - Critical
http://www.microsoft.com/technet/security/bulletin/ms09-027.mspx
US-CERT - Technical Cyber Security Alert TA09-160A
http://www.us-cert.gov/cas/techalerts/TA09-160A.html
Secunia - Microsoft Office Word Two Vulnerabilities
http://secunia.com/advisories/35377/
Securityfocus
http://www.securityfocus.com/bid/35188
http://www.securityfocus.com/bid/35190
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0565
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSjDoWfOB+SpikaiRAQJKFAP/VpftNBPj3MNKHc/VsK9y+rHliFHVZQMW
rj8GumGHqwouKst1rAfSksZAebxv459rJG8HhD00T/hKhf2Cft97i0+vVj7kYaLe
q17NQBczHQ7emjklIo5rXg/x/suyWs6GJzaHG+ZR/x4I/2RUDHTg3pTD0hiHWozO
lI34UwjCYwo=
=6rzK
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-09049
Data : 11 giugno 2009
Titolo : Vulnerabilita' in Microsoft Office Word (MS09-027)
******************************************************************
:: Descrizione del problema
Il bolletino di sicurezza Microsoft MS09-027, considerato critico,
risolve due vulnerabilita' presenti Microsoft Word che potrebbero
essere sfruttate da utenti malevoli per compromettere una sistema
vulnerabile.
:: Software interessato
Microsoft Office 2000
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2004 for Mac
Microsoft Office 2007
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack for Word, Excel, PowerPoint 2007
File Formats
Microsoft Office Word 2007
Microsoft Office Word Viewer
Microsoft Office XP
Microsoft Open XML File Format Converter for Mac
Microsoft Word 2000
Microsoft Word 2002
Microsoft Word 2003
Microsoft Word Viewer 2003
:: Impatto
Compromissione del sistema
:: Soluzioni
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services.
All'interno del bollettino e' possibile trovare informazioni sulle
eventuali difficolta' scaturite dall'installazione di
questo aggiornamento.
:: Riferimenti
Microsoft Security Bulletin MS09-027 - Critical
http://www.microsoft.com/technet/security/bulletin/ms09-027.mspx
US-CERT - Technical Cyber Security Alert TA09-160A
http://www.us-cert.gov/cas/techalerts/TA09-160A.html
Secunia - Microsoft Office Word Two Vulnerabilities
http://secunia.com/advisories/35377/
Securityfocus
http://www.securityfocus.com/bid/35188
http://www.securityfocus.com/bid/35190
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0565
-----BEGIN PGP SIGNATURE-----
iQCVAwUBSjDoWfOB+SpikaiRAQJKFAP/VpftNBPj3MNKHc/VsK9y+rHliFHVZQMW
rj8GumGHqwouKst1rAfSksZAebxv459rJG8HhD00T/hKhf2Cft97i0+vVj7kYaLe
q17NQBczHQ7emjklIo5rXg/x/suyWs6GJzaHG+ZR/x4I/2RUDHTg3pTD0hiHWozO
lI34UwjCYwo=
=6rzK
-----END PGP SIGNATURE-----