Alert GCSA-12014 - Microsoft Security Bullettin March 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12014
Data : 14 Marzo 2012
Titolo : Microsoft Security Bullettin March 2012
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 6 bollettini di sicurezza relativi a
varie vulnerabilita' presenti nei sistemi operativi Windows e
nel software Microsoft per sviluppatori:
MS12-017 Vulnerability in DNS Server (2647170)
MS12-018 Vulnerability in Windows Kernel-Mode Drivers (2641653)
MS12-019 Vulnerability in DirectWrite (2665364)
MS12-020 Vulnerabilities in Remote Desktop (2671387)
MS12-021 Vulnerability in Visual Studio (2651019)
MS12-022 Vulnerability in Expression Design (2651018)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Sistemi Operativi e Software interessati
Windows XP
Windows Vista
Windows 7
Windows Server 2003
Windows Server 2008
Windows Server 2008 R2
Microsoft Visual Studio
Microsoft Expression Design
:: Impatto
Esecuzione di codice in modalit remota
Denial of Service
Acquisizione di privilegi piu' elevati
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Microsoft Security Bulletin Summary for March 2012
http://technet.microsoft.com/security/bulletin/ms12-mar
Microsoft Security Bulletin
http://technet.microsoft.com/it-it/security/bulletin/ms12-017
http://technet.microsoft.com/it-it/security/bulletin/ms12-018
http://technet.microsoft.com/it-it/security/bulletin/ms12-019
http://technet.microsoft.com/it-it/security/bulletin/ms12-020
http://technet.microsoft.com/it-it/security/bulletin/ms12-021
http://technet.microsoft.com/it-it/security/bulletin/ms12-022
http://technet.microsoft.com/it-it/security/bulletin/ms12-023
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Secunia
http://secunia.com/advisories/48396/
http://secunia.com/advisories/48394/
http://secunia.com/advisories/48395/
http://secunia.com/advisories/48361/
http://secunia.com/advisories/47919/
http://secunia.com/advisories/48353/
SANS ISC Diary
https://isc.sans.edu/diary.html?storyid=12775
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0157
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0016
-----BEGIN PGP SIGNATURE-----
iQCVAwUBT2C2VPOB+SpikaiRAQLebwP/QBoRi8RQ8n0n4nv7+CGtDlPy2sw5j72m
C4xB+EavtjFLqByVGP0b2M0Mcqba4Yuxg63o6XfiM/1uSYMIpbTrLJKHxxZwsbOz
AQ3jjQ+kK3VUdwoJUGd3rbpr3KqiBWr1JBX9BV5znoe5UtDYyZrlh+Htf4o98UFg
eiA9VfAcsPY=
=pkcI
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-12014
Data : 14 Marzo 2012
Titolo : Microsoft Security Bullettin March 2012
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 6 bollettini di sicurezza relativi a
varie vulnerabilita' presenti nei sistemi operativi Windows e
nel software Microsoft per sviluppatori:
MS12-017 Vulnerability in DNS Server (2647170)
MS12-018 Vulnerability in Windows Kernel-Mode Drivers (2641653)
MS12-019 Vulnerability in DirectWrite (2665364)
MS12-020 Vulnerabilities in Remote Desktop (2671387)
MS12-021 Vulnerability in Visual Studio (2651019)
MS12-022 Vulnerability in Expression Design (2651018)
Maggiori dettagli sono disponibili nella segnalazioni ufficiali
alla sezione "Riferimenti".
:: Sistemi Operativi e Software interessati
Windows XP
Windows Vista
Windows 7
Windows Server 2003
Windows Server 2008
Windows Server 2008 R2
Microsoft Visual Studio
Microsoft Expression Design
:: Impatto
Esecuzione di codice in modalit remota
Denial of Service
Acquisizione di privilegi piu' elevati
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Microsoft Security Bulletin Summary for March 2012
http://technet.microsoft.com/security/bulletin/ms12-mar
Microsoft Security Bulletin
http://technet.microsoft.com/it-it/security/bulletin/ms12-017
http://technet.microsoft.com/it-it/security/bulletin/ms12-018
http://technet.microsoft.com/it-it/security/bulletin/ms12-019
http://technet.microsoft.com/it-it/security/bulletin/ms12-020
http://technet.microsoft.com/it-it/security/bulletin/ms12-021
http://technet.microsoft.com/it-it/security/bulletin/ms12-022
http://technet.microsoft.com/it-it/security/bulletin/ms12-023
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
Secunia
http://secunia.com/advisories/48396/
http://secunia.com/advisories/48394/
http://secunia.com/advisories/48395/
http://secunia.com/advisories/48361/
http://secunia.com/advisories/47919/
http://secunia.com/advisories/48353/
SANS ISC Diary
https://isc.sans.edu/diary.html?storyid=12775
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0157
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0016
-----BEGIN PGP SIGNATURE-----
iQCVAwUBT2C2VPOB+SpikaiRAQLebwP/QBoRi8RQ8n0n4nv7+CGtDlPy2sw5j72m
C4xB+EavtjFLqByVGP0b2M0Mcqba4Yuxg63o6XfiM/1uSYMIpbTrLJKHxxZwsbOz
AQ3jjQ+kK3VUdwoJUGd3rbpr3KqiBWr1JBX9BV5znoe5UtDYyZrlh+Htf4o98UFg
eiA9VfAcsPY=
=pkcI
-----END PGP SIGNATURE-----