Alert GCSA-11078 - Microsoft Security Bullettin November 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11078
Data : 9 Novembre 2011
Titolo : Microsoft Security Bullettin November 2011
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 4 bollettini di sicurezza
relativi a varie vulnerabilita' presenti nei
sistemi operativi Windows:
MS11-083 (2588516) Vulnerabilita' in TCP/IP
MS11-084 (2617657) Vulnerabilita' in Windows Kernel-Mode Driver
MS11-085 (2620704) Vulnerabilita' in Windows Mail e Windows Meeting Space
MS11-086 (2630837) Vulnerabilita' in Active Directory
Il bollettino MS11-084 risolve definitivamente la vulnerabilita' riportata
come 0-day da Microsoft nell'advisory KB2639658:
http://technet.microsoft.com/en-us/security/advisory/2639658
http://www.cert.garr.it/alerts/msg00990.html
Maggiori dettagli sono disponibili nelle segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Storage Server 2003
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
:: Impatto
Esecuzione di codice arbitrario
Acquisizione di privilegi piu' elevati
Denial of Service
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Microsoft Security Bulletin Summary for November 2011:
http://technet.microsoft.com/security/bulletin/ms11-nov
Microsoft Security Bulletin:
http://www.microsoft.com/technet/security/Bulletin/MS11-083.mspx
http://www.microsoft.com/technet/security/Bulletin/MS11-084.mspx
http://www.microsoft.com/technet/security/Bulletin/MS11-085.mspx
http://www.microsoft.com/technet/security/Bulletin/MS11-086.mspx
Mitre CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2014
Microsoft Update:
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
Secunia:
http://secunia.com/advisories/46731/
http://secunia.com/advisories/46751/
http://secunia.com/advisories/46752/
http://secunia.com/advisories/46755/
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTrpZLfOB+SpikaiRAQJJVQP9GgDeX+HTbEbjlXtYFIt0slZreFcntjQA
WC8Rl5Gn8s1HG+Nu/uPmraKnCGYEzg+DKIUKP1pG4umw3ISEBTbsYPQxApwOajx7
TDdVcnEtSpWtrc8Et3McyWclpkIdd0m5htpM6mIfBsEHxNmp0HrVpwAEH5Wa6lXg
Ewv9BJnO56s=
=c0fg
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-11078
Data : 9 Novembre 2011
Titolo : Microsoft Security Bullettin November 2011
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 4 bollettini di sicurezza
relativi a varie vulnerabilita' presenti nei
sistemi operativi Windows:
MS11-083 (2588516) Vulnerabilita' in TCP/IP
MS11-084 (2617657) Vulnerabilita' in Windows Kernel-Mode Driver
MS11-085 (2620704) Vulnerabilita' in Windows Mail e Windows Meeting Space
MS11-086 (2630837) Vulnerabilita' in Active Directory
Il bollettino MS11-084 risolve definitivamente la vulnerabilita' riportata
come 0-day da Microsoft nell'advisory KB2639658:
http://technet.microsoft.com/en-us/security/advisory/2639658
http://www.cert.garr.it/alerts/msg00990.html
Maggiori dettagli sono disponibili nelle segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Storage Server 2003
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
:: Impatto
Esecuzione di codice arbitrario
Acquisizione di privilegi piu' elevati
Denial of Service
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Microsoft Security Bulletin Summary for November 2011:
http://technet.microsoft.com/security/bulletin/ms11-nov
Microsoft Security Bulletin:
http://www.microsoft.com/technet/security/Bulletin/MS11-083.mspx
http://www.microsoft.com/technet/security/Bulletin/MS11-084.mspx
http://www.microsoft.com/technet/security/Bulletin/MS11-085.mspx
http://www.microsoft.com/technet/security/Bulletin/MS11-086.mspx
Mitre CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2014
Microsoft Update:
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
Secunia:
http://secunia.com/advisories/46731/
http://secunia.com/advisories/46751/
http://secunia.com/advisories/46752/
http://secunia.com/advisories/46755/
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTrpZLfOB+SpikaiRAQJJVQP9GgDeX+HTbEbjlXtYFIt0slZreFcntjQA
WC8Rl5Gn8s1HG+Nu/uPmraKnCGYEzg+DKIUKP1pG4umw3ISEBTbsYPQxApwOajx7
TDdVcnEtSpWtrc8Et3McyWclpkIdd0m5htpM6mIfBsEHxNmp0HrVpwAEH5Wa6lXg
Ewv9BJnO56s=
=c0fg
-----END PGP SIGNATURE-----