Alert GCSA-10008 - MS10-002 Aggiornamento cumulativo per Internet
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-10008
Data : 22 gennaio 2010
Titolo : MS10-002 Aggiornamento cumulativo per Internet Explorer (978207)
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato un aggiornamento di sicurezza cumulativo
per risolvere varie vulnerabilita' presenti in Microsoft Internet
Explorer.
:: Software interessato
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 6.x
Microsoft Internet Explorer 7.x
Microsoft Internet Explorer 8.x
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Attacchi cross-site scripting
Compromissione di sistema
:: Soluzioni
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services.
:: Riferimenti
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/Bulletin/MS10-002.mspx
Microsoft (KB979352):
http://www.microsoft.com/technet/security/advisory/979352.mspx
http://blogs.technet.com/msrc/archive/2010/01/14/security-advisory-979352.aspx
Zero Day Initiative
http://www.zerodayinitiative.com/advisories/ZDI-10-011/
http://www.zerodayinitiative.com/advisories/ZDI-10-012/
http://www.zerodayinitiative.com/advisories/ZDI-10-013/
http://www.zerodayinitiative.com/advisories/ZDI-10-014/
Security Focus
http://www.securityfocus.com/bid/37815
Vupen Security
http://www.vupen.com/english/advisories/2010/0187
US-CERT Vulnerability Note VU#492515 -
http://www.kb.cert.org/vuls/id/492515
US-CERT Alert
http://www.us-cert.gov/cas/alerts/SA10-021A.html
http://www.us-cert.gov/cas/techalerts/TA10-021A.html
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4074
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0027
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0245
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0246
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0249
-----BEGIN PGP SIGNATURE-----
iQCVAwUBS1mY4fOB+SpikaiRAQImUAQAr3zkOz8Qi61B3GzRIw6G/l96csjCz63W
ZQ/olfMFVBrJpwXMR8HWxQSlzBnw+Nqd1tx9f9oKzXLjol67L0s2+B43LOHUkDE7
AbfyyH0WDm9TiJ82kwfYXGlvxWiLc248r6Kt8YRLXV7zKgfuh+938HgoOjv7mv6L
9cPlaV60QWM=
=dyNM
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-10008
Data : 22 gennaio 2010
Titolo : MS10-002 Aggiornamento cumulativo per Internet Explorer (978207)
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato un aggiornamento di sicurezza cumulativo
per risolvere varie vulnerabilita' presenti in Microsoft Internet
Explorer.
:: Software interessato
Microsoft Internet Explorer 5.01
Microsoft Internet Explorer 6.x
Microsoft Internet Explorer 7.x
Microsoft Internet Explorer 8.x
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Attacchi cross-site scripting
Compromissione di sistema
:: Soluzioni
Installare manualmente la patch elencata nel bollettino Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services.
:: Riferimenti
Microsoft Security Bulletin
http://www.microsoft.com/technet/security/Bulletin/MS10-002.mspx
Microsoft (KB979352):
http://www.microsoft.com/technet/security/advisory/979352.mspx
http://blogs.technet.com/msrc/archive/2010/01/14/security-advisory-979352.aspx
Zero Day Initiative
http://www.zerodayinitiative.com/advisories/ZDI-10-011/
http://www.zerodayinitiative.com/advisories/ZDI-10-012/
http://www.zerodayinitiative.com/advisories/ZDI-10-013/
http://www.zerodayinitiative.com/advisories/ZDI-10-014/
Security Focus
http://www.securityfocus.com/bid/37815
Vupen Security
http://www.vupen.com/english/advisories/2010/0187
US-CERT Vulnerability Note VU#492515 -
http://www.kb.cert.org/vuls/id/492515
US-CERT Alert
http://www.us-cert.gov/cas/alerts/SA10-021A.html
http://www.us-cert.gov/cas/techalerts/TA10-021A.html
Mitre's CVE ID
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4074
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0027
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0245
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0246
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0247
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0249
-----BEGIN PGP SIGNATURE-----
iQCVAwUBS1mY4fOB+SpikaiRAQImUAQAr3zkOz8Qi61B3GzRIw6G/l96csjCz63W
ZQ/olfMFVBrJpwXMR8HWxQSlzBnw+Nqd1tx9f9oKzXLjol67L0s2+B43LOHUkDE7
AbfyyH0WDm9TiJ82kwfYXGlvxWiLc248r6Kt8YRLXV7zKgfuh+938HgoOjv7mv6L
9cPlaV60QWM=
=dyNM
-----END PGP SIGNATURE-----