Alert GCSA-17016 - Vulnerabilità multiple in Google Chrome
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
*****************************************************************
Alert ID : GCSA-17016
Data : 13 Marzo 2017
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Google ha rilasciato una nuova versione del browser Chrome che risolve
alcune vulnerabilita' presenti del software.
Per una descrizione completa delle vulnerabilita' si rimanda alla
sezione 'Riferimenti'.
:: Software interessato
Google Chrome versioni precedenti alla 57.0.2987.98 per Windows e Mac e
per Linux
:: Impatto
Esecuzione remota di codice arbitrario
Bypass di restrizioni di sicurezza
Controllo completo della macchina affetta
:: Soluzioni
Aggiornare Google Chrome all'ultima versione
L'aggiornamento sara' automatico per tutte le installazioni in cui non
sia stato disattivata l'opzione 'aggiornamento automatico'.
Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
US-CERT
https://www.us-cert.gov/ncas/current-activity/2017/03/09/Google-Releases-Security-Update-Chrome
SecurityFocus
http://www.securityfocus.com/bid/96767
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5030
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5032
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5029
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5034
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5036
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5037
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5038
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5046
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAljGnpYACgkQwZxMk2USYEIVzACfW9KbcNVDjBdNa1s12NOu9+oe
bQ0AnR1q2jCMiM4G1l5EEgTwKwyjQ3Zn
=9ZXm
-----END PGP SIGNATURE-----
Hash: SHA1
*****************************************************************
Alert ID : GCSA-17016
Data : 13 Marzo 2017
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Google ha rilasciato una nuova versione del browser Chrome che risolve
alcune vulnerabilita' presenti del software.
Per una descrizione completa delle vulnerabilita' si rimanda alla
sezione 'Riferimenti'.
:: Software interessato
Google Chrome versioni precedenti alla 57.0.2987.98 per Windows e Mac e
per Linux
:: Impatto
Esecuzione remota di codice arbitrario
Bypass di restrizioni di sicurezza
Controllo completo della macchina affetta
:: Soluzioni
Aggiornare Google Chrome all'ultima versione
L'aggiornamento sara' automatico per tutte le installazioni in cui non
sia stato disattivata l'opzione 'aggiornamento automatico'.
Per l'installazione manuale scaricare il software dal sito ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
US-CERT
https://www.us-cert.gov/ncas/current-activity/2017/03/09/Google-Releases-Security-Update-Chrome
SecurityFocus
http://www.securityfocus.com/bid/96767
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5030
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5032
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5029
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5034
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5036
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5037
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5038
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5046
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAljGnpYACgkQwZxMk2USYEIVzACfW9KbcNVDjBdNa1s12NOu9+oe
bQ0AnR1q2jCMiM4G1l5EEgTwKwyjQ3Zn
=9ZXm
-----END PGP SIGNATURE-----