Alert GCSA-13012 - Bollettino di Sicurezza Microsoft Febbraio 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-13012
Data : 13 Febbraio 2013
Titolo : Bollettino di Sicurezza Microsoft Febbraio 2013
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 12 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi e applicazioni
Windows:
MS13-009 Aggiornamento cumulativo per la protezione di Internet Explorer (2792100)
MS13-010 Vulnerability in Vector Markup Language (2797052)
MS13-011 Vulnerability in Media Decompression (2780091)
MS13-012 Vulnerabilities in Microsoft Exchange Server (2809279)
MS13-013 Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing (2784242)
MS13-014 Vulnerability in NFS Server (2790978)
MS13-015 Vulnerability in .NET Framework (2800277)
MS13-016 Vulnerabilities in Windows Kernel-Mode Driver (2778344)
MS13-017 Vulnerabilities in Windows Kernel (2799494)
MS13-018 Vulnerability in TCP/IP (2790655)
MS13-019 Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) (2790113)
MS13-020 Vulnerability in OLE Automation (2802968)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
Per alcuni degli aggiornamenti presenti nel bollettino sono noti
problemi relativi all'installazione su sistemi Windows RT-based
risolvibili consultando il documento Microsoft Knowledge Base
http://support.microsoft.com/kb/2808380
:: Software interessato
Microsoft Windows
Microsoft Internet Explorer
Microsoft Office
Microsoft Server Software
Microsoft .NET Framework
:: Impatto
Esecuzione di codice in modalita' remota
Acquisizione di privilegi pi elevati
Elusione della funzione di protezione
Attacco di tipo Denial of Service
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza - Febbraio 2013
http://technet.microsoft.com/it-it/security/bulletin/ms13-feb
Bollettini Microsoft sulla sicurezza
http://technet.microsoft.com/it-it/security/bulletin/ms13-009
http://technet.microsoft.com/it-it/security/bulletin/ms13-010
http://technet.microsoft.com/it-it/security/bulletin/ms13-011
http://technet.microsoft.com/it-it/security/bulletin/ms13-012
http://technet.microsoft.com/it-it/security/bulletin/ms13-013
http://technet.microsoft.com/it-it/security/bulletin/ms13-014
http://technet.microsoft.com/it-it/security/bulletin/ms13-015
http://technet.microsoft.com/it-it/security/bulletin/ms13-016
http://technet.microsoft.com/it-it/security/bulletin/ms13-017
http://technet.microsoft.com/it-it/security/bulletin/ms13-018
http://technet.microsoft.com/it-it/security/bulletin/ms13-019
http://technet.microsoft.com/it-it/security/bulletin/ms13-020
Microsoft Knowledge Base
http://support.microsoft.com/kb/2792100
http://support.microsoft.com/kb/2797052
http://support.microsoft.com/kb/2780091
http://support.microsoft.com/kb/2809279
http://support.microsoft.com/kb/2553234
http://support.microsoft.com/kb/2790978
http://support.microsoft.com/kb/2800277
http://support.microsoft.com/kb/2778344
http://support.microsoft.com/kb/2799494
http://support.microsoft.com/kb/2790655
http://support.microsoft.com/kb/2790113
http://support.microsoft.com/kb/2802968
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Mitre CVE
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0015
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0018
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0019
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0020
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0021
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0022
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0023
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0024
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0025
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0026
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0027
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0028
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0029
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0030
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0077
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0393
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0418
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3214
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3217
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1281
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0073
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1248
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1249
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1250
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1251
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1252
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1253
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1254
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1255
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1256
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1257
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1258
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1259
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1260
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1261
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1262
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1263
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1264
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1265
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1266
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1267
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1268
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1269
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1270
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1271
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1272
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1273
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1274
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1275
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1276
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1277
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1278
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1279
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1280
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1278
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1278
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1313
SANS ISC Diary
http://isc.sans.edu/diary.html?storyid=15142
US-CERT Alert TA13-043B
http://www.us-cert.gov/cas/techalerts/TA13-043B.html
GARR CERT Newsletter subscribe/unsubscribe: http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlEbtM4ACgkQwZxMk2USYELWEgCgpbbj/GqLNUE3TbjORJBlYm3i
NYQAoJv8Lt/u0uEv4qvnpKhpgNNf7Mn+
=OrcO
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-13012
Data : 13 Febbraio 2013
Titolo : Bollettino di Sicurezza Microsoft Febbraio 2013
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 12 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi e applicazioni
Windows:
MS13-009 Aggiornamento cumulativo per la protezione di Internet Explorer (2792100)
MS13-010 Vulnerability in Vector Markup Language (2797052)
MS13-011 Vulnerability in Media Decompression (2780091)
MS13-012 Vulnerabilities in Microsoft Exchange Server (2809279)
MS13-013 Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing (2784242)
MS13-014 Vulnerability in NFS Server (2790978)
MS13-015 Vulnerability in .NET Framework (2800277)
MS13-016 Vulnerabilities in Windows Kernel-Mode Driver (2778344)
MS13-017 Vulnerabilities in Windows Kernel (2799494)
MS13-018 Vulnerability in TCP/IP (2790655)
MS13-019 Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) (2790113)
MS13-020 Vulnerability in OLE Automation (2802968)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
Per alcuni degli aggiornamenti presenti nel bollettino sono noti
problemi relativi all'installazione su sistemi Windows RT-based
risolvibili consultando il documento Microsoft Knowledge Base
http://support.microsoft.com/kb/2808380
:: Software interessato
Microsoft Windows
Microsoft Internet Explorer
Microsoft Office
Microsoft Server Software
Microsoft .NET Framework
:: Impatto
Esecuzione di codice in modalita' remota
Acquisizione di privilegi pi elevati
Elusione della funzione di protezione
Attacco di tipo Denial of Service
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza - Febbraio 2013
http://technet.microsoft.com/it-it/security/bulletin/ms13-feb
Bollettini Microsoft sulla sicurezza
http://technet.microsoft.com/it-it/security/bulletin/ms13-009
http://technet.microsoft.com/it-it/security/bulletin/ms13-010
http://technet.microsoft.com/it-it/security/bulletin/ms13-011
http://technet.microsoft.com/it-it/security/bulletin/ms13-012
http://technet.microsoft.com/it-it/security/bulletin/ms13-013
http://technet.microsoft.com/it-it/security/bulletin/ms13-014
http://technet.microsoft.com/it-it/security/bulletin/ms13-015
http://technet.microsoft.com/it-it/security/bulletin/ms13-016
http://technet.microsoft.com/it-it/security/bulletin/ms13-017
http://technet.microsoft.com/it-it/security/bulletin/ms13-018
http://technet.microsoft.com/it-it/security/bulletin/ms13-019
http://technet.microsoft.com/it-it/security/bulletin/ms13-020
Microsoft Knowledge Base
http://support.microsoft.com/kb/2792100
http://support.microsoft.com/kb/2797052
http://support.microsoft.com/kb/2780091
http://support.microsoft.com/kb/2809279
http://support.microsoft.com/kb/2553234
http://support.microsoft.com/kb/2790978
http://support.microsoft.com/kb/2800277
http://support.microsoft.com/kb/2778344
http://support.microsoft.com/kb/2799494
http://support.microsoft.com/kb/2790655
http://support.microsoft.com/kb/2790113
http://support.microsoft.com/kb/2802968
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Mitre CVE
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0015
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0018
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0019
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0020
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0021
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0022
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0023
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0024
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0025
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0026
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0027
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0028
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0029
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0030
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0077
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0393
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0418
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3214
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3217
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1281
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0073
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1248
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1249
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1250
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1251
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1252
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1253
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1254
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1255
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1256
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1257
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1258
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1259
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1260
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1261
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1262
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1263
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1264
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1265
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1266
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1267
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1268
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1269
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1270
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1271
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1272
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1273
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1274
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1275
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1276
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1277
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1278
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1279
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1280
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1278
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1278
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1313
SANS ISC Diary
http://isc.sans.edu/diary.html?storyid=15142
US-CERT Alert TA13-043B
http://www.us-cert.gov/cas/techalerts/TA13-043B.html
GARR CERT Newsletter subscribe/unsubscribe: http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
iEYEARECAAYFAlEbtM4ACgkQwZxMk2USYELWEgCgpbbj/GqLNUE3TbjORJBlYm3i
NYQAoJv8Lt/u0uEv4qvnpKhpgNNf7Mn+
=OrcO
-----END PGP SIGNATURE-----