Alert GCSA-17071 - Microsoft Security Update Novembre 2017
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-17071
Data: 17 novembre 2017
Titolo: Microsoft Security Update Novembre 2017
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato nuovi aggiornamenti mirati a risolvere
le vulnerabilità presenti nei sistemi operativi Windows e in vari
software applicativi.
Un attaccante remoto potrebbe sfruttare le vulnerabilità per
prendere il controllo del sistema affetto.
Maggiori dettagli sono disponibili nella segnalazione
ufficiale alla sezione "Riferimenti".
:: Software interessato
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
ASP.NET Core and .NET Core
Chakra Core
:: Impatto
Security Bypass
Esecuzione di codice arbitrario
Denial of Service
Accesso ad informazioni sensibili del sistema
Accesso con privilegi utente
:: Soluzioni
Per default l'installazione degli aggiornamenti avviene in
maniera automatica.
Windows Update domande frequenti
https://support.microsoft.com/it-it/help/12373/windows-update-faq
Ulteriori dettagli e known issues nella sezione "Release Notes":
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/bae9d0d8-e497-e711-80e5-000d3a32fc99
:: Riferimenti
Microsoft Security Update Summary
https://portal.msrc.microsoft.com/en-us/security-guidance/summary
https://portal.msrc.microsoft.com/en-us/security-guidance
Securitytracker
https://securitytracker.com/id/1039795
https://securitytracker.com/id/1039793
https://securitytracker.com/id/1039792
https://securitytracker.com/id/1039789
https://securitytracker.com/id/1039788
https://securitytracker.com/id/1039787
https://securitytracker.com/id/1039783
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11854
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8700
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11770
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11877
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11878
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11884
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEUEARECAAYFAloPCZQACgkQwZxMk2USYEIo5ACeK4RVduUICPG8pCt6WIrrKaWF
oi0AlRiBm5sGy/O+y0x+jClNpyxpVXQ=
=Ccjm
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-17071
Data: 17 novembre 2017
Titolo: Microsoft Security Update Novembre 2017
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato nuovi aggiornamenti mirati a risolvere
le vulnerabilità presenti nei sistemi operativi Windows e in vari
software applicativi.
Un attaccante remoto potrebbe sfruttare le vulnerabilità per
prendere il controllo del sistema affetto.
Maggiori dettagli sono disponibili nella segnalazione
ufficiale alla sezione "Riferimenti".
:: Software interessato
Internet Explorer
Microsoft Edge
Microsoft Windows
Microsoft Office and Microsoft Office Services and Web Apps
ASP.NET Core and .NET Core
Chakra Core
:: Impatto
Security Bypass
Esecuzione di codice arbitrario
Denial of Service
Accesso ad informazioni sensibili del sistema
Accesso con privilegi utente
:: Soluzioni
Per default l'installazione degli aggiornamenti avviene in
maniera automatica.
Windows Update domande frequenti
https://support.microsoft.com/it-it/help/12373/windows-update-faq
Ulteriori dettagli e known issues nella sezione "Release Notes":
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/bae9d0d8-e497-e711-80e5-000d3a32fc99
:: Riferimenti
Microsoft Security Update Summary
https://portal.msrc.microsoft.com/en-us/security-guidance/summary
https://portal.msrc.microsoft.com/en-us/security-guidance
Securitytracker
https://securitytracker.com/id/1039795
https://securitytracker.com/id/1039793
https://securitytracker.com/id/1039792
https://securitytracker.com/id/1039789
https://securitytracker.com/id/1039788
https://securitytracker.com/id/1039787
https://securitytracker.com/id/1039783
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11854
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8700
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11788
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11770
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11877
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11878
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11884
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEUEARECAAYFAloPCZQACgkQwZxMk2USYEIo5ACeK4RVduUICPG8pCt6WIrrKaWF
oi0AlRiBm5sGy/O+y0x+jClNpyxpVXQ=
=Ccjm
-----END PGP SIGNATURE-----