Alert GCSA-12035 - Microsoft Security Bullettin July 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12035
Data : 11 Luglio 2012
Titolo : Microsoft Security Bullettin July 2012
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 9 bollettini di sicurezza relativi
a varie vulnerabilita' presenti nei sistemi operativi Windows
e in altre applicazioni:
MS12-043 Vulnerability in Microsoft XML Core Services (2722479)
MS12-044 Cumulative Security Update for Internet Explorer (2719177)
MS12-045 Vulnerability in Microsoft Data Access Components (2698365)
MS12-046 Vulnerability in Visual Basic for Applications (2707960)
MS12-047 Vulnerabilities in Windows Kernel-Mode Drivers (2718523)
MS12-048 Vulnerability in Windows Shell (2691442)
MS12-049 Vulnerability in TLS (2655992)
MS12-050 Vulnerabilities in SharePoint (2695502)
MS12-051 Vulnerability in Microsoft Office for Mac (2721015)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Microsoft Windows
Microsoft XML core services
Microsoft Data Access Components (MDAC)
Microsoft Internet Explorer
Microsoft Office Web Apps 2010
Microsoft Groove Server 2010
Microsoft Office SharePoint Server
Microsoft InfoPath
Microsoft Office for Mac 2011
:: Impatto
Esecuzione remota di codice arbitrario
Acquisizione di privilegi piu' elevati
Esposizione di informazioni sensibili
Elusione di configurazioni di sicurezza
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza - luglio 2012
http://technet.microsoft.com/it-it/security/bulletin/ms12-jul
Bollettini Microsoft sulla sicurezza
http://technet.microsoft.com/it-it/security/bulletin/MS12-043
http://technet.microsoft.com/it-it/security/bulletin/MS12-044
http://technet.microsoft.com/it-it/security/bulletin/MS12-045
http://technet.microsoft.com/it-it/security/bulletin/MS12-046
http://technet.microsoft.com/it-it/security/bulletin/MS12-047
http://technet.microsoft.com/it-it/security/bulletin/MS12-048
http://technet.microsoft.com/it-it/security/bulletin/MS12-049
http://technet.microsoft.com/it-it/security/bulletin/MS12-050
http://technet.microsoft.com/it-it/security/bulletin/MS12-051
Microsoft Knowledge Base
http://support.microsoft.com/kb/2722479
http://support.microsoft.com/kb/2719177
http://support.microsoft.com/kb/2698365
http://support.microsoft.com/kb/2707960
http://support.microsoft.com/kb/2718523
http://support.microsoft.com/kb/2691442
http://support.microsoft.com/kb/2655992
http://support.microsoft.com/kb/2695502
http://support.microsoft.com/kb/2721015
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1522
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1524
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1854
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1870
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1859
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1860
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1861
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1862
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1863
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1894
SANS ISC Diary
http://isc.sans.edu/diary.html?storyid=13642
-----BEGIN PGP SIGNATURE-----
iD8DBQFP/Y32wZxMk2USYEIRApDdAKDIyMiZJJ28TEmKAbXByozpXRB8lgCgsaNx
BURMRJBGei74GtdMd+ZM2Fw=
=0fku
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12035
Data : 11 Luglio 2012
Titolo : Microsoft Security Bullettin July 2012
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 9 bollettini di sicurezza relativi
a varie vulnerabilita' presenti nei sistemi operativi Windows
e in altre applicazioni:
MS12-043 Vulnerability in Microsoft XML Core Services (2722479)
MS12-044 Cumulative Security Update for Internet Explorer (2719177)
MS12-045 Vulnerability in Microsoft Data Access Components (2698365)
MS12-046 Vulnerability in Visual Basic for Applications (2707960)
MS12-047 Vulnerabilities in Windows Kernel-Mode Drivers (2718523)
MS12-048 Vulnerability in Windows Shell (2691442)
MS12-049 Vulnerability in TLS (2655992)
MS12-050 Vulnerabilities in SharePoint (2695502)
MS12-051 Vulnerability in Microsoft Office for Mac (2721015)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Software interessato
Microsoft Windows
Microsoft XML core services
Microsoft Data Access Components (MDAC)
Microsoft Internet Explorer
Microsoft Office Web Apps 2010
Microsoft Groove Server 2010
Microsoft Office SharePoint Server
Microsoft InfoPath
Microsoft Office for Mac 2011
:: Impatto
Esecuzione remota di codice arbitrario
Acquisizione di privilegi piu' elevati
Esposizione di informazioni sensibili
Elusione di configurazioni di sicurezza
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza - luglio 2012
http://technet.microsoft.com/it-it/security/bulletin/ms12-jul
Bollettini Microsoft sulla sicurezza
http://technet.microsoft.com/it-it/security/bulletin/MS12-043
http://technet.microsoft.com/it-it/security/bulletin/MS12-044
http://technet.microsoft.com/it-it/security/bulletin/MS12-045
http://technet.microsoft.com/it-it/security/bulletin/MS12-046
http://technet.microsoft.com/it-it/security/bulletin/MS12-047
http://technet.microsoft.com/it-it/security/bulletin/MS12-048
http://technet.microsoft.com/it-it/security/bulletin/MS12-049
http://technet.microsoft.com/it-it/security/bulletin/MS12-050
http://technet.microsoft.com/it-it/security/bulletin/MS12-051
Microsoft Knowledge Base
http://support.microsoft.com/kb/2722479
http://support.microsoft.com/kb/2719177
http://support.microsoft.com/kb/2698365
http://support.microsoft.com/kb/2707960
http://support.microsoft.com/kb/2718523
http://support.microsoft.com/kb/2691442
http://support.microsoft.com/kb/2655992
http://support.microsoft.com/kb/2695502
http://support.microsoft.com/kb/2721015
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1522
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1524
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1854
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1890
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1893
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0175
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1870
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1858
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1859
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1860
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1861
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1862
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1863
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1894
SANS ISC Diary
http://isc.sans.edu/diary.html?storyid=13642
-----BEGIN PGP SIGNATURE-----
iD8DBQFP/Y32wZxMk2USYEIRApDdAKDIyMiZJJ28TEmKAbXByozpXRB8lgCgsaNx
BURMRJBGei74GtdMd+ZM2Fw=
=0fku
-----END PGP SIGNATURE-----