Alert GCSA-10182 - MS10-103 Vulnerabilita' in Microsoft Publisher
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-10182
Data : 16 dicembre 2010
Titolo : MS10-103 Vulnerabilita' in Microsoft Publisher (2292970)
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato un aggiornamento di sicurezza
che risolve una vulnerabilita' presente in Microsoft Publisher.
La vulnerabilita' potrebbe consentire esecuzione remota di
codice arbitrario se un utente apre un file Publisher artefatto.
:: Software interessato
Microsoft Publisher 2002 SP3
Microsoft Publisher 2003 SP3
Microsoft Publisher 2007 SP2
Microsoft Publisher 2010 (32-bit editions)
Microsoft Publisher 2010 (64-bit editions)
:: Impatto
Esecuzione remota di codice arbitrario
Conquista del controllo sul sistema
:: Soluzioni
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/Bulletin/MS10-103.mspx
Microsoft Knowledge Base
http://support.microsoft.com/kb/2292970
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2570
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3954
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3955
ISC SANS
http://isc.sans.org/diary.html?storyid=10081
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTQnzyPOB+SpikaiRAQLF2QP/Y3dLUiwRxA/6GjL8leroTNNF4WLstMp0
QyPawrUD81I5Ds+heCUOQzvuxtccs8+fxGNStSnIARMVKDNPf8jKJ41fCUGZ0igN
frDcVEfoj29EfBf9TVCWmt7gR1Qy7v7k7g1OoQSWn5SUGSUcur/V56kNY9gusA7R
Yeq/BbhARAU=
=NDfM
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-10182
Data : 16 dicembre 2010
Titolo : MS10-103 Vulnerabilita' in Microsoft Publisher (2292970)
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato un aggiornamento di sicurezza
che risolve una vulnerabilita' presente in Microsoft Publisher.
La vulnerabilita' potrebbe consentire esecuzione remota di
codice arbitrario se un utente apre un file Publisher artefatto.
:: Software interessato
Microsoft Publisher 2002 SP3
Microsoft Publisher 2003 SP3
Microsoft Publisher 2007 SP2
Microsoft Publisher 2010 (32-bit editions)
Microsoft Publisher 2010 (64-bit editions)
:: Impatto
Esecuzione remota di codice arbitrario
Conquista del controllo sul sistema
:: Soluzioni
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/Bulletin/MS10-103.mspx
Microsoft Knowledge Base
http://support.microsoft.com/kb/2292970
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2569
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2570
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2571
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3954
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3955
ISC SANS
http://isc.sans.org/diary.html?storyid=10081
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTQnzyPOB+SpikaiRAQLF2QP/Y3dLUiwRxA/6GjL8leroTNNF4WLstMp0
QyPawrUD81I5Ds+heCUOQzvuxtccs8+fxGNStSnIARMVKDNPf8jKJ41fCUGZ0igN
frDcVEfoj29EfBf9TVCWmt7gR1Qy7v7k7g1OoQSWn5SUGSUcur/V56kNY9gusA7R
Yeq/BbhARAU=
=NDfM
-----END PGP SIGNATURE-----