Alert GCSA-12018 - Microsoft Security Bullettin April 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12018
Data : 11 Aprile 2012
Titolo : Microsoft Security Bullettin April 2012
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 6 bollettini di sicurezza relativi a varie vulnerabilita'
presenti nei sistemi operativi Windows, nel browser Internet Explorer, e in altre applicazioni:
MS12-023 Cumulative Security Update for Internet Explorer (2675157)
MS12-024 Vulnerability in Windows Could Allow Remote Code Execution (2653956)
MS12-025 Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)
MS12-026 Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
MS12-027 Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
MS12-028 Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Sistemi Operativi e Software interessati
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003/2008
Microsoft Windows Storage Server 2003
Microsoft Internet Explorer 6.x/7.x/8.x/9.x
Microsoft Office 2007
Microsoft Works 9
Microsoft Works 6-9 File Converter 1.x
Microsoft .NET Framework 1.x/2.x/3.x/4.x
Microsoft Forefront Unified Access Gateway (UAG) 2010
Microsoft BizTalk Server 2002
Microsoft Commerce Server 2002/2007/2009
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office 2010
Microsoft SQL Server 2000/2005/2008
Microsoft Visual Basic 6.x
Microsoft Visual FoxPro 8.x/9.x
:: Impatto
Spoofing
Security Bypass
Accesso al sistema in modalita' remota
Esposizione di informazioni sensibili
Esecuzione di codice in modalita' remota
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Microsoft Security Bulletin Summary for April 2012:
http://technet.microsoft.com/security/bulletin/ms12-apr
Microsoft Security Bulletin:
http://technet.microsoft.com/it-it/security/bulletin/ms12-023
http://technet.microsoft.com/it-it/security/bulletin/ms12-024
http://technet.microsoft.com/it-it/security/bulletin/ms12-025
http://technet.microsoft.com/it-it/security/bulletin/ms12-026
http://technet.microsoft.com/it-it/security/bulletin/ms12-027
http://technet.microsoft.com/it-it/security/bulletin/ms12-028
Microsoft Update:
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
Secunia:
http://secunia.com/advisories/48581/
http://secunia.com/advisories/48723/
http://secunia.com/advisories/48785/
http://secunia.com/advisories/48787/
http://secunia.com/advisories/48724/
http://secunia.com/advisories/48786/
Mitre CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0171
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0177
-----BEGIN PGP SIGNATURE-----
iD8DBQFPhVI2wZxMk2USYEIRAvtqAKC3PhO5SRlodgnSbL8Gxbacp5snXwCeIKyO
nYqIAaD/Fot1NoA01iCupKQ=
=ystx
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12018
Data : 11 Aprile 2012
Titolo : Microsoft Security Bullettin April 2012
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 6 bollettini di sicurezza relativi a varie vulnerabilita'
presenti nei sistemi operativi Windows, nel browser Internet Explorer, e in altre applicazioni:
MS12-023 Cumulative Security Update for Internet Explorer (2675157)
MS12-024 Vulnerability in Windows Could Allow Remote Code Execution (2653956)
MS12-025 Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605)
MS12-026 Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
MS12-027 Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258)
MS12-028 Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Sistemi Operativi e Software interessati
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows Server 2003/2008
Microsoft Windows Storage Server 2003
Microsoft Internet Explorer 6.x/7.x/8.x/9.x
Microsoft Office 2007
Microsoft Works 9
Microsoft Works 6-9 File Converter 1.x
Microsoft .NET Framework 1.x/2.x/3.x/4.x
Microsoft Forefront Unified Access Gateway (UAG) 2010
Microsoft BizTalk Server 2002
Microsoft Commerce Server 2002/2007/2009
Microsoft Office 2003
Microsoft Office 2007
Microsoft Office 2010
Microsoft SQL Server 2000/2005/2008
Microsoft Visual Basic 6.x
Microsoft Visual FoxPro 8.x/9.x
:: Impatto
Spoofing
Security Bypass
Accesso al sistema in modalita' remota
Esposizione di informazioni sensibili
Esecuzione di codice in modalita' remota
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Microsoft Security Bulletin Summary for April 2012:
http://technet.microsoft.com/security/bulletin/ms12-apr
Microsoft Security Bulletin:
http://technet.microsoft.com/it-it/security/bulletin/ms12-023
http://technet.microsoft.com/it-it/security/bulletin/ms12-024
http://technet.microsoft.com/it-it/security/bulletin/ms12-025
http://technet.microsoft.com/it-it/security/bulletin/ms12-026
http://technet.microsoft.com/it-it/security/bulletin/ms12-027
http://technet.microsoft.com/it-it/security/bulletin/ms12-028
Microsoft Update:
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
Secunia:
http://secunia.com/advisories/48581/
http://secunia.com/advisories/48723/
http://secunia.com/advisories/48785/
http://secunia.com/advisories/48787/
http://secunia.com/advisories/48724/
http://secunia.com/advisories/48786/
Mitre CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0147
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0151
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0171
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0177
-----BEGIN PGP SIGNATURE-----
iD8DBQFPhVI2wZxMk2USYEIRAvtqAKC3PhO5SRlodgnSbL8Gxbacp5snXwCeIKyO
nYqIAaD/Fot1NoA01iCupKQ=
=ystx
-----END PGP SIGNATURE-----