Alert GCSA-12021 - Java for OS X 2012-003 and Java for Mac OS X 10.6
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12021
Date : 17 April 2012
Title : Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8 (Flashback malware)
******************************************************************
:: Problem description
Several vulnerabilities have been found in Java for Mac OS X,
the most serious of which could allow untrusted Java applets
to execute arbitrary code
while the user browses specially crafted web pages.
Apple has released a Java update
that also includes a tool to remove the most common
variants of the Flashback malware.
:: Affected software
OS X Lion v10.7.3 and earlier
OS X Lion Server v10.7.3 and earlier
Mac OS X v10.6.8 and earlier
Mac OS X Server v10.6.8 and earlier
:: Impact
Security Bypass
Privilege escalation
Denial of Service
System access
Exposure of sensitive information
:: Solution
Update to Java SE 6 version 1.6.0_31
The upgrade can be installed through the
Software Update pane in System Preferences,
or from the Apple website:
http://www.apple.com/support/downloads/
Mac OS X: Updating your software
http://support.apple.com/kb/HT1338
If you do not use Java applets, it is advisable
to disable the Java web plug-in in the browser.
For more information on how to disable
Java in Safari, see the following page:
http://support.apple.com/kb/HT5241
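A check against the fixed version named under Solution, as an added example that is not part of the original advisory: it reads the quoted version from `java -version` output and classifies it against 1.6.0_31. The function names, result labels and sample output are constructed for illustration; release lines other than 1.6.0 are reported as not covered, because the advisory names a fixed version only for Java SE 6.

```shell
#!/bin/sh
# Added example: classify a Java version against the fixed release named
# in the advisory (Java SE 6 version 1.6.0_31).
FIXED_UPDATE=31

# Constructed sample of `java -version` output (build strings are made up).
SAMPLE_OUTPUT='java version "1.6.0_29"
Java(TM) SE Runtime Environment (build 1.6.0_29-b00-000)
Java HotSpot(TM) 64-Bit Server VM (build 00.0-b00-000, mixed mode)'

# Read `java -version` output on stdin, print the quoted version string.
java_version_from_output() {
    sed -n 's/^java version "\([^"]*\)".*/\1/p' | head -n 1
}

# Print one of: fixed | outdated | not-java6 | unparseable
classify_java6() {
    ver=$1
    case $ver in
        1.6.0|1.6.0_*|1.6.0-*) ;;                   # Java SE 6 family
        [0-9]*.[0-9]*) echo not-java6; return 0 ;;  # other release line
        *) echo unparseable; return 0 ;;
    esac
    upd=${ver#1.6.0}       # "_29-b00-000", "_31" or "" (no update suffix)
    upd=${upd#_}
    upd=${upd%%-*}         # drop any build suffix after the update number
    [ -n "$upd" ] || upd=0 # plain 1.6.0 counts as update 0
    case $upd in *[!0-9]*) echo unparseable; return 0 ;; esac
    # Strip leading zeros so that e.g. 08 is compared as decimal 8.
    while [ "${#upd}" -gt 1 ] && [ "${upd#0}" != "$upd" ]; do upd=${upd#0}; done
    if [ "$upd" -ge "$FIXED_UPDATE" ]; then echo fixed; else echo outdated; fi
}

# Demo on the constructed sample. On a real host, feed it with:
#   java -version 2>&1 | java_version_from_output
v=$(printf '%s\n' "$SAMPLE_OUTPUT" | java_version_from_output)
echo "$v: $(classify_java6 "$v")"
```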
:: References
Apple - Java for OS X Lion 2012-003
http://support.apple.com/kb/DL1515
Apple - About Java for Mac OS X 10.6 Update 8
http://support.apple.com/kb/DL1516
Apple - About the security content of Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8
http://support.apple.com/kb/HT5247
APPLE-SA-2012-04-12-1 Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8
http://prod.lists.apple.com/archives/security-announce/2012/Apr/msg00001.html
Apple - Flashback malware removal tool
http://support.apple.com/kb/HT5254
http://support.apple.com/kb/DL1517
APPLE-SA-2012-04-13-1 Flashback malware removal tool
http://prod.lists.apple.com/archives/security-announce/2012/Apr/msg00002.html
Oracle Java Update Release Notes
http://www.oracle.com/technetwork/java/javase/releasenotes-136954.html
ISC SANS Diary
http://isc.sans.edu/diary.html?storyid=12991
http://isc.sans.edu/diary.html?storyid=12973
http://isc.sans.edu/diary.html?storyid=12889
http://isc.sans.edu/diary.html?storyid=12709
http://isc.sans.edu/diary.html?storyid=12664
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3563
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0497
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0498
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0499
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0500
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0502
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0503
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0505
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0506
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0507
SecurityFocus
http://www.securityfocus.com/bid/50215
Detect and Remove Flashback
http://www.flashbackcheck.com/
https://www.drweb.com/flashback
http://www.f-secure.com/weblog/archives/00002346.html
http://support.kaspersky.com/viruses/utility
-----BEGIN PGP SIGNATURE-----
iD8DBQFPjYS9wZxMk2USYEIRAl2EAKCoVI6w2SmBBN79v6T88UPApr4aRACggaMc
+cvxI2ZYPmtnvc6Bk2ySwaw=
=n40v
-----END PGP SIGNATURE-----