Alert GCSA-12062 - Microsoft Security Bullettin October 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12062
Data : 10 Ottobre 2012
Titolo : Microsoft Security Bullettin October 2012
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 7 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi Windows
e in altre applicazioni:
MS12-064 Vulnerabilities in Microsoft Word (2742319)
MS12-065 Vulnerability in Microsoft Works (2754670)
MS12-066 Vulnerability in HTML Sanitization Component (2741517)
MS12-067 Vulnerabilities in FAST Search Server 2010 for SharePoint
(2742321)
MS12-068 Vulnerability in Windows Kernel (2724197)
MS12-069 Vulnerability in Kerberos (2743555)
MS12-070 Vulnerability in SQL Server (2754849)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Sistemi e applicazioni interessati
Microsoft Windows 7
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2007
Microsoft Office 2010
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint
2007 File Formats
Microsoft Office Web Apps
Microsoft Office Word 2007
Microsoft Office Word Viewer
Microsoft SharePoint Server 2010
Microsoft Word 2003
Microsoft Word 2010
Microsoft SQL Server 2000
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition
Microsoft SQL Server 2008
Microsoft SQL Server 2012
Microsoft Works 9.x
Microsoft Groove Server 2010
Microsoft InfoPath 2010
Microsoft Lync 2010
Microsoft Office Communicator 2007
Microsoft Office InfoPath 2007
Microsoft Office Web Apps
Microsoft SharePoint Foundation 2010
Microsoft SharePoint Server 2007
Microsoft SharePoint Server 2010
Microsoft Windows SharePoint Services 3.x
:: Impatto
Esecuzione remota di codice arbitrario
Acquisizione di privilegi piu' elevati
Denial of Service
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza - ottobre 2012
http://technet.microsoft.com/it-it/security/bulletin/ms12-oct
Bollettini Microsoft sulla sicurezza
http://technet.microsoft.com/it-it/security/bulletin/MS12-064
http://technet.microsoft.com/it-it/security/bulletin/MS12-065
http://technet.microsoft.com/it-it/security/bulletin/MS12-066
http://technet.microsoft.com/it-it/security/bulletin/MS12-067
http://technet.microsoft.com/it-it/security/bulletin/MS12-068
http://technet.microsoft.com/it-it/security/bulletin/MS12-069
http://technet.microsoft.com/it-it/security/bulletin/MS12-070
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
SecurityFocus BID
http://www.securityfocus.com/bid/55793
http://www.securityfocus.com/bid/55778
http://www.securityfocus.com/bid/55780
http://www.securityfocus.com/bid/55781
http://www.securityfocus.com/bid/55783
http://www.securityfocus.com/bid/55796
http://www.securityfocus.com/bid/55797
SANS ISC Diary
http://isc.sans.edu/diary.html?storyid=14272
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2529
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2528
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2552
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2520
-----BEGIN PGP SIGNATURE-----
iD8DBQFQdZMMwZxMk2USYEIRAlEkAJ40ENbFCuOMTZLzapSBgBeQ8eGWewCfZ0iK
/tg7cJjORVywcxx/JivQpQw=
=tgvU
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12062
Data : 10 Ottobre 2012
Titolo : Microsoft Security Bullettin October 2012
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 7 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi Windows
e in altre applicazioni:
MS12-064 Vulnerabilities in Microsoft Word (2742319)
MS12-065 Vulnerability in Microsoft Works (2754670)
MS12-066 Vulnerability in HTML Sanitization Component (2741517)
MS12-067 Vulnerabilities in FAST Search Server 2010 for SharePoint
(2742321)
MS12-068 Vulnerability in Windows Kernel (2724197)
MS12-069 Vulnerability in Kerberos (2743555)
MS12-070 Vulnerability in SQL Server (2754849)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Sistemi e applicazioni interessati
Microsoft Windows 7
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2007
Microsoft Office 2010
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint
2007 File Formats
Microsoft Office Web Apps
Microsoft Office Word 2007
Microsoft Office Word Viewer
Microsoft SharePoint Server 2010
Microsoft Word 2003
Microsoft Word 2010
Microsoft SQL Server 2000
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition
Microsoft SQL Server 2008
Microsoft SQL Server 2012
Microsoft Works 9.x
Microsoft Groove Server 2010
Microsoft InfoPath 2010
Microsoft Lync 2010
Microsoft Office Communicator 2007
Microsoft Office InfoPath 2007
Microsoft Office Web Apps
Microsoft SharePoint Foundation 2010
Microsoft SharePoint Server 2007
Microsoft SharePoint Server 2010
Microsoft Windows SharePoint Services 3.x
:: Impatto
Esecuzione remota di codice arbitrario
Acquisizione di privilegi piu' elevati
Denial of Service
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza - ottobre 2012
http://technet.microsoft.com/it-it/security/bulletin/ms12-oct
Bollettini Microsoft sulla sicurezza
http://technet.microsoft.com/it-it/security/bulletin/MS12-064
http://technet.microsoft.com/it-it/security/bulletin/MS12-065
http://technet.microsoft.com/it-it/security/bulletin/MS12-066
http://technet.microsoft.com/it-it/security/bulletin/MS12-067
http://technet.microsoft.com/it-it/security/bulletin/MS12-068
http://technet.microsoft.com/it-it/security/bulletin/MS12-069
http://technet.microsoft.com/it-it/security/bulletin/MS12-070
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
SecurityFocus BID
http://www.securityfocus.com/bid/55793
http://www.securityfocus.com/bid/55778
http://www.securityfocus.com/bid/55780
http://www.securityfocus.com/bid/55781
http://www.securityfocus.com/bid/55783
http://www.securityfocus.com/bid/55796
http://www.securityfocus.com/bid/55797
SANS ISC Diary
http://isc.sans.edu/diary.html?storyid=14272
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2529
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2551
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2528
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2552
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2550
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2520
-----BEGIN PGP SIGNATURE-----
iD8DBQFQdZMMwZxMk2USYEIRAlEkAJ40ENbFCuOMTZLzapSBgBeQ8eGWewCfZ0iK
/tg7cJjORVywcxx/JivQpQw=
=tgvU
-----END PGP SIGNATURE-----