Alert GCSA-18011 - Vulnerabilita' in Google Chrome
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-18011
Data : 26 Gennaio 2018
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Google ha rilasciato una nuova versione del browser Chrome
che risolve numerosi bug di sicurezza.
Per una descrizione completa delle vulnerabilita' si rimanda
alla sezione "Riferimenti".
:: Software interessato
Google Chrome versioni precedenti alla 64.0.3282.119 per Windows, Mac, Linux
:: Impatto
Esecuzione remota di codice arbitrario
:: Soluzioni
Aggiornare Google Chrome alla versione 64.0.3282.119
L'aggiornamento sara' automatico per tutte le installazioni
in cui non sia stato disattivata l'opzione "aggiornamento
automatico".
Per l'installazione manuale scaricare il software dal sito
ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html
SecurityTracker
https://securitytracker.com/id/1040282
US-CERT
https://www.us-cert.gov/ncas/current-activity/2018/01/24/Google-Releases-Security-Update-Chrome
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6032
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6034
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6036
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6037
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6038
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6054
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlpq+E8ACgkQwZxMk2USYEK2kQCgiElyXpeunOXwleFZsZD8ChFH
L8wAoNq7GOKpVAf9Mh4WaQ0KUXRwK9SE
=HTZ1
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-18011
Data : 26 Gennaio 2018
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Google ha rilasciato una nuova versione del browser Chrome
che risolve numerosi bug di sicurezza.
Per una descrizione completa delle vulnerabilita' si rimanda
alla sezione "Riferimenti".
:: Software interessato
Google Chrome versioni precedenti alla 64.0.3282.119 per Windows, Mac, Linux
:: Impatto
Esecuzione remota di codice arbitrario
:: Soluzioni
Aggiornare Google Chrome alla versione 64.0.3282.119
L'aggiornamento sara' automatico per tutte le installazioni
in cui non sia stato disattivata l'opzione "aggiornamento
automatico".
Per l'installazione manuale scaricare il software dal sito
ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
https://chromereleases.googleblog.com/2018/01/stable-channel-update-for-desktop_24.html
SecurityTracker
https://securitytracker.com/id/1040282
US-CERT
https://www.us-cert.gov/ncas/current-activity/2018/01/24/Google-Releases-Security-Update-Chrome
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6032
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6034
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6036
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6037
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6038
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6043
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6054
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlpq+E8ACgkQwZxMk2USYEK2kQCgiElyXpeunOXwleFZsZD8ChFH
L8wAoNq7GOKpVAf9Mh4WaQ0KUXRwK9SE
=HTZ1
-----END PGP SIGNATURE-----