Alert GCSA-16001 - Bollettino di Sicurezza Microsoft Gennaio 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-16001
Data: 13 Gennaio 2016
Titolo: Bollettino di Sicurezza Microsoft Gennaio 2016
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 9 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi Windows
ed in altre applicazioni:
MS16-001 Cumulative Security Update for Internet Explorer (3124903)
MS16-002 Cumulative Security Update for Microsoft Edge (3124904)
MS16-003 Cumulative Security Update for JScript and VBScript to Address Remote Code Execution (3125540)
MS16-004 Security Update for Microsoft Office to Address Remote Code Execution (3124585)
MS16-005 Security Update for Windows Kernel-Mode Drivers to Address Remote Code Execution (3124584)
MS16-006 Security Update for Silverlight to Address Remote Code Execution (3126036)
MS16-007 Security Update for Microsoft Windows to Address Remote Code Execution (3124901)
MS16-008 Security Update for Windows Kernel to Address Elevation of Privilege (3124605)
MS16-010 Security Update in Microsoft Exchange Server to Address Spoofing (3124557)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office
Microsoft Silverlight
Microsoft Exchange
:: Impatto
Esecuzione remota di codice arbitrario
Acquisizione di privilegi piu' elevati
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza, gennaio 2016
https://technet.microsoft.com/library/security/ms16-jan
Bollettini Microsoft sulla sicurezza
https://technet.microsoft.com/library/security/MS16-001
https://technet.microsoft.com/library/security/MS16-002
https://technet.microsoft.com/library/security/MS16-003
https://technet.microsoft.com/library/security/MS16-004
https://technet.microsoft.com/library/security/MS16-005
https://technet.microsoft.com/library/security/MS16-006
https://technet.microsoft.com/library/security/MS16-007
https://technet.microsoft.com/library/security/MS16-008
https://technet.microsoft.com/library/security/MS16-010
Microsoft Knowledge Base
https://support.microsoft.com/it-it/kb/3124903
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
SANS ISC Diary
https://isc.sans.edu/forums/diary/January+2016+Microsoft+Patch+Tuesday/20605/
I riferimenti CVE sono disponibili
nelle segnalazioni originali.
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlaWZl4ACgkQwZxMk2USYEKUAwCfdEcqhrblhNDbPRLitB/cg9JS
G/MAniZzfAHCOtmg96NRNUE/koG1Qw5F
=4YZe
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-16001
Data: 13 Gennaio 2016
Titolo: Bollettino di Sicurezza Microsoft Gennaio 2016
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 9 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi Windows
ed in altre applicazioni:
MS16-001 Cumulative Security Update for Internet Explorer (3124903)
MS16-002 Cumulative Security Update for Microsoft Edge (3124904)
MS16-003 Cumulative Security Update for JScript and VBScript to Address Remote Code Execution (3125540)
MS16-004 Security Update for Microsoft Office to Address Remote Code Execution (3124585)
MS16-005 Security Update for Windows Kernel-Mode Drivers to Address Remote Code Execution (3124584)
MS16-006 Security Update for Silverlight to Address Remote Code Execution (3126036)
MS16-007 Security Update for Microsoft Windows to Address Remote Code Execution (3124901)
MS16-008 Security Update for Windows Kernel to Address Elevation of Privilege (3124605)
MS16-010 Security Update in Microsoft Exchange Server to Address Spoofing (3124557)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office
Microsoft Silverlight
Microsoft Exchange
:: Impatto
Esecuzione remota di codice arbitrario
Acquisizione di privilegi piu' elevati
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza, gennaio 2016
https://technet.microsoft.com/library/security/ms16-jan
Bollettini Microsoft sulla sicurezza
https://technet.microsoft.com/library/security/MS16-001
https://technet.microsoft.com/library/security/MS16-002
https://technet.microsoft.com/library/security/MS16-003
https://technet.microsoft.com/library/security/MS16-004
https://technet.microsoft.com/library/security/MS16-005
https://technet.microsoft.com/library/security/MS16-006
https://technet.microsoft.com/library/security/MS16-007
https://technet.microsoft.com/library/security/MS16-008
https://technet.microsoft.com/library/security/MS16-010
Microsoft Knowledge Base
https://support.microsoft.com/it-it/kb/3124903
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
SANS ISC Diary
https://isc.sans.edu/forums/diary/January+2016+Microsoft+Patch+Tuesday/20605/
I riferimenti CVE sono disponibili
nelle segnalazioni originali.
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlaWZl4ACgkQwZxMk2USYEKUAwCfdEcqhrblhNDbPRLitB/cg9JS
G/MAniZzfAHCOtmg96NRNUE/koG1Qw5F
=4YZe
-----END PGP SIGNATURE-----