Alert GCSA-17074 - Vulnerabilita' in Google Chrome
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-17074
Data : 07 dicembre 2017
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Google ha rilasciato una nuova versione del browser Chrome
che risolve 37 bug di sicurezza.
Per una descrizione completa delle vulnerabilita' si rimanda
alla sezione "Riferimenti".
:: Software interessato
Google Chrome versioni precedenti alla 63.0.3239.84 per Windows, Mac, Linux
:: Impatto
Esecuzione remota di codice arbitrario
:: Soluzioni
Aggiornare Google Chrome alla versione 63.0.3239.84
L'aggiornamento sara' automatico per tutte le installazioni
in cui non sia stato disattivata l'opzione "aggiornamento
automatico".
Per l'installazione manuale scaricare il software dal sito
ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html
US-CERT
https://www.us-cert.gov/ncas/current-activity/2017/12/06/Google-Releases-Security-Update-Chrome
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15407
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15408
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15410
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15411
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15413
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15427
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlopW0wACgkQwZxMk2USYEI/ggCgu77kaUP3vDHwie7wnXqLvJ+b
Dt8An0D81mhdGDpQyUhn7liz2eJfirqh
=TsFV
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID : GCSA-17074
Data : 07 dicembre 2017
Titolo : Vulnerabilita' in Google Chrome
******************************************************************
:: Descrizione del problema
Google ha rilasciato una nuova versione del browser Chrome
che risolve 37 bug di sicurezza.
Per una descrizione completa delle vulnerabilita' si rimanda
alla sezione "Riferimenti".
:: Software interessato
Google Chrome versioni precedenti alla 63.0.3239.84 per Windows, Mac, Linux
:: Impatto
Esecuzione remota di codice arbitrario
:: Soluzioni
Aggiornare Google Chrome alla versione 63.0.3239.84
L'aggiornamento sara' automatico per tutte le installazioni
in cui non sia stato disattivata l'opzione "aggiornamento
automatico".
Per l'installazione manuale scaricare il software dal sito
ufficiale:
http://www.google.com/chrome/?hl=it
:: Riferimenti
Google Chrome Advisory
https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html
US-CERT
https://www.us-cert.gov/ncas/current-activity/2017/12/06/Google-Releases-Security-Update-Chrome
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15407
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15408
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15410
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15411
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15413
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15415
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15418
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15420
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15424
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15427
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlopW0wACgkQwZxMk2USYEI/ggCgu77kaUP3vDHwie7wnXqLvJ+b
Dt8An0D81mhdGDpQyUhn7liz2eJfirqh
=TsFV
-----END PGP SIGNATURE-----