Alert GCSA-10177 - MS10-098 Vulnerabilita' in Windows Kernel-Mode
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-10177
Data : 15 dicembre 2010
Titolo : MS10-098 Vulnerabilita' in Windows Kernel-Mode Drivers (2436673)
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato un aggiornamento di sicurezza che
risolve varie vulnerabilita' presenti in Windows.
Le vulnerabilita' potrebbero consentire di ottenere
un incremento dei privilegi, se un aggressore autenticato
localmente eseguisse un'applicazione artefatta.
Le vulnerabilita' non possono essere sfruttate remotamente o
da utenti anonimi.
:: Software interessato
Windows XP SP3
Windows XP Pro x64 Edition SP2
Windows Vista SP1
Windows Vista SP2
Windows Vista x64 Edition SP1
Windows Vista x64 Edition SP2
Windows 7 per 32-bit Systems
Windows 7 per x64-based Systems
Windows Server 2003 SP2
Windows Server 2003 x64 Edition SP2
Windows Server 2003 SP2 per Itanium-based Systems
Windows Server 2008 per 32-bit Systems
Windows Server 2008 per 32-bit Systems SP2
Windows Server 2008 per x64-based Systems
Windows Server 2008 per x64-based Systems SP2
Windows Server 2008 per Itanium-based Systems
Windows Server 2008 per Itanium-based Systems SP2
Windows Server 2008 R2 per x64-based Systems
Windows Server 2008 R2 per Itanium-based Systems
:: Impatto
Conquista di privilegi piu' elevati
:: Soluzioni
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/Bulletin/MS10-098.mspx
Microsoft Knowledge Base
http://support.microsoft.com/kb/2436673
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3941
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3942
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3943
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3944
ISC SANS
http://isc.sans.org/diary.html?storyid=10081
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTQjlKfOB+SpikaiRAQLTJQQA0BgVqIUdOkYEpJWVdZ/b3XlBj0TwuAiH
fX4RW2S2uG4EYp0cqW0lPUU7ttBk+KbxXoFuNWTqARQuLDEp+oP3gOOmczn5qasp
Dggp2wo3OKO9DzzgOnFHx4iVmzZbvHqP3b9OdguJ6uNX8AVmzY7LJh6vD6Te+t5f
M8apEdjqVf4=
=OjFu
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-10177
Data : 15 dicembre 2010
Titolo : MS10-098 Vulnerabilita' in Windows Kernel-Mode Drivers (2436673)
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato un aggiornamento di sicurezza che
risolve varie vulnerabilita' presenti in Windows.
Le vulnerabilita' potrebbero consentire di ottenere
un incremento dei privilegi, se un aggressore autenticato
localmente eseguisse un'applicazione artefatta.
Le vulnerabilita' non possono essere sfruttate remotamente o
da utenti anonimi.
:: Software interessato
Windows XP SP3
Windows XP Pro x64 Edition SP2
Windows Vista SP1
Windows Vista SP2
Windows Vista x64 Edition SP1
Windows Vista x64 Edition SP2
Windows 7 per 32-bit Systems
Windows 7 per x64-based Systems
Windows Server 2003 SP2
Windows Server 2003 x64 Edition SP2
Windows Server 2003 SP2 per Itanium-based Systems
Windows Server 2008 per 32-bit Systems
Windows Server 2008 per 32-bit Systems SP2
Windows Server 2008 per x64-based Systems
Windows Server 2008 per x64-based Systems SP2
Windows Server 2008 per Itanium-based Systems
Windows Server 2008 per Itanium-based Systems SP2
Windows Server 2008 R2 per x64-based Systems
Windows Server 2008 R2 per Itanium-based Systems
:: Impatto
Conquista di privilegi piu' elevati
:: Soluzioni
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/Bulletin/MS10-098.mspx
Microsoft Knowledge Base
http://support.microsoft.com/kb/2436673
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3939
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3941
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3942
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3943
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3944
ISC SANS
http://isc.sans.org/diary.html?storyid=10081
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTQjlKfOB+SpikaiRAQLTJQQA0BgVqIUdOkYEpJWVdZ/b3XlBj0TwuAiH
fX4RW2S2uG4EYp0cqW0lPUU7ttBk+KbxXoFuNWTqARQuLDEp+oP3gOOmczn5qasp
Dggp2wo3OKO9DzzgOnFHx4iVmzZbvHqP3b9OdguJ6uNX8AVmzY7LJh6vD6Te+t5f
M8apEdjqVf4=
=OjFu
-----END PGP SIGNATURE-----