Alert GCSA-16015 - Bollettino di Sicurezza Microsoft Marzo 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-16015
Data: 10 Marzo 2016
Titolo: Bollettino di Sicurezza Microsoft Marzo 2016
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 13 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi Windows
ed in altre applicazioni:
MS16-023 Cumulative Security Update for Internet Explorer (3142015)
MS16-024 Cumulative Security Update for Microsoft Edge (3142019)
MS16-025 Security Update for Windows Library Loading to Address Remote Code Execution (3140709)
MS16-026 Security Update for Graphic Fonts to Address Remote Code Execution (3143148)
MS16-027 Security Update for Windows Media to Address Remote Code Execution (3143146)
MS16-028 Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3143081)
MS16-029 Security Update for Microsoft Office to Address Remote Code Execution (3141806)
MS16-030 Security Update for Windows OLE to Address Remote Code Execution (3143136)
MS16-031 Security Update for Microsoft Windows to Address Elevation of Privilege (3140410)
MS16-032 Security Update for Secondary Logon to Address Elevation of Privilege (3143141)
MS16-033 Security Update for Windows USB Mass Storage Class Driver to Address Elevation of Privilege (3143142)
MS16-034 Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3143145)
MS16-035 Security Update for .NET Framework to Address Security Feature Bypass (3141780)
Nota per MS16-029
L'aggiornamento di Microsoft Office per Mac 2011 e per Microsoft
Office 2016 per Mac non sono ancora disponibili.
Appena disponibili Microsoft notificherà gli utenti con una revisione
del bolletino in oggetto.
Maggiori dettagli sulle varie vulnerabilità sono disponibili nelle
segnalazioni ufficiali alla sezione "Riferimenti".
:: Software interessato
Internet Explorer
Microsoft Windows
Microsoft Edge
Microsoft .NET Framework
Microsoft Office
Microsoft Server Software
Microsoft Office Services and Web Apps
:: Impatto
Esecuzione remota di codice arbitrario
Acquisizione di privilegi piu' elevati
Security bypass
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza, marzo 2016
https://technet.microsoft.com/library/security/ms16-mar
Bollettini Microsoft sulla sicurezza
https://technet.microsoft.com/library/security/MS16-023
https://technet.microsoft.com/library/security/MS16-024
https://technet.microsoft.com/library/security/MS16-025
https://technet.microsoft.com/library/security/MS16-026
https://technet.microsoft.com/library/security/MS16-027
https://technet.microsoft.com/library/security/MS16-028
https://technet.microsoft.com/library/security/MS16-029
https://technet.microsoft.com/library/security/MS16-030
https://technet.microsoft.com/library/security/MS16-031
https://technet.microsoft.com/library/security/MS16-032
https://technet.microsoft.com/library/security/MS16-033
https://technet.microsoft.com/library/security/MS16-034
https://technet.microsoft.com/library/security/MS16-035
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
SANS ISC Diary
https://isc.sans.edu/mspatchdays.html?viewday=2016-03-08
I riferimenti CVE sono disponibili
nelle segnalazioni originali.
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlbhUncACgkQwZxMk2USYEJaoACdH2wZ55jrztp9TwMrw+G/r4a7
OhgAn0hTtCjpYm/n+m/kov8xsvXWOOu5
=A/k+
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-16015
Data: 10 Marzo 2016
Titolo: Bollettino di Sicurezza Microsoft Marzo 2016
******************************************************************
:: Descrizione del problema
Microsoft ha rilasciato 13 bollettini di sicurezza relativi
a vulnerabilita' presenti nei sistemi operativi Windows
ed in altre applicazioni:
MS16-023 Cumulative Security Update for Internet Explorer (3142015)
MS16-024 Cumulative Security Update for Microsoft Edge (3142019)
MS16-025 Security Update for Windows Library Loading to Address Remote Code Execution (3140709)
MS16-026 Security Update for Graphic Fonts to Address Remote Code Execution (3143148)
MS16-027 Security Update for Windows Media to Address Remote Code Execution (3143146)
MS16-028 Security Update for Microsoft Windows PDF Library to Address Remote Code Execution (3143081)
MS16-029 Security Update for Microsoft Office to Address Remote Code Execution (3141806)
MS16-030 Security Update for Windows OLE to Address Remote Code Execution (3143136)
MS16-031 Security Update for Microsoft Windows to Address Elevation of Privilege (3140410)
MS16-032 Security Update for Secondary Logon to Address Elevation of Privilege (3143141)
MS16-033 Security Update for Windows USB Mass Storage Class Driver to Address Elevation of Privilege (3143142)
MS16-034 Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3143145)
MS16-035 Security Update for .NET Framework to Address Security Feature Bypass (3141780)
Nota per MS16-029
L'aggiornamento di Microsoft Office per Mac 2011 e per Microsoft
Office 2016 per Mac non sono ancora disponibili.
Appena disponibili Microsoft notificherà gli utenti con una revisione
del bolletino in oggetto.
Maggiori dettagli sulle varie vulnerabilità sono disponibili nelle
segnalazioni ufficiali alla sezione "Riferimenti".
:: Software interessato
Internet Explorer
Microsoft Windows
Microsoft Edge
Microsoft .NET Framework
Microsoft Office
Microsoft Server Software
Microsoft Office Services and Web Apps
:: Impatto
Esecuzione remota di codice arbitrario
Acquisizione di privilegi piu' elevati
Security bypass
:: Soluzioni
Installare manualmente le patch indicate nei bollettini Microsoft,
oppure utilizzare uno degli strumenti di aggiornamento come:
Aggiornamenti Automatici, Windows Update, Microsoft Update,
Windows Server Update Services, Systems Management Server.
:: Riferimenti
Riepilogo dei bollettini Microsoft sulla sicurezza, marzo 2016
https://technet.microsoft.com/library/security/ms16-mar
Bollettini Microsoft sulla sicurezza
https://technet.microsoft.com/library/security/MS16-023
https://technet.microsoft.com/library/security/MS16-024
https://technet.microsoft.com/library/security/MS16-025
https://technet.microsoft.com/library/security/MS16-026
https://technet.microsoft.com/library/security/MS16-027
https://technet.microsoft.com/library/security/MS16-028
https://technet.microsoft.com/library/security/MS16-029
https://technet.microsoft.com/library/security/MS16-030
https://technet.microsoft.com/library/security/MS16-031
https://technet.microsoft.com/library/security/MS16-032
https://technet.microsoft.com/library/security/MS16-033
https://technet.microsoft.com/library/security/MS16-034
https://technet.microsoft.com/library/security/MS16-035
Microsoft Update
http://windowsupdate.microsoft.com
https://www.update.microsoft.com/
http://support.microsoft.com/kb/294871
SANS ISC Diary
https://isc.sans.edu/mspatchdays.html?viewday=2016-03-08
I riferimenti CVE sono disponibili
nelle segnalazioni originali.
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlbhUncACgkQwZxMk2USYEJaoACdH2wZ55jrztp9TwMrw+G/r4a7
OhgAn0hTtCjpYm/n+m/kov8xsvXWOOu5
=A/k+
-----END PGP SIGNATURE-----