Alert GCSA-20101 - Apple Security Updates (APPLE-SA-2020-11-05)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-20101
Data: 6 Novembre 2020
Titolo: Apple Security Updates (APPLE-SA-2020-11-05)
******************************************************************
:: Descrizione
Apple ha rilasciato degli aggiornamenti di sicurezza che risolvono delle
vulnerabilita' presenti nei sistemi operativi e nelle applicazioni.
Tre delle vulnerabilita' (CVE-2020-27930, CVE-2020-27932, CVE-2020-27950)
sono attualmente in corso di sfruttamento.
Per una descrizione degli aggiornamenti consultare le segnalazioni
ufficiali alla sezione 'Riferimenti'.
:: Software interessato
iOS
iPadOS
watchOS
macOS
tvOS
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Aumento dei privilegi
Rivelazione di informazioni riservate
:: Soluzione
Aggiornare i software alle seguenti versioni:
iOS 12.4.9
iOS 14.2
iPadOS 14.2
watchOS 5.3.9
watchOS 6.2.9
watchOS 7.1
macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update
tvOS 14.2
:: Riferimenti
Apple security updates
https://support.apple.com/en-us/HT201222
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10002
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10003
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10004
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10010
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10016
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13524
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27902
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27905
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27909
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27910
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27911
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27912
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27916
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27917
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27918
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27925
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27926
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27927
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27929
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27930
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27932
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27950
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9974
GARR CERT Newsletter subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFfpQifwZxMk2USYEIRApIEAJ4izvL33SYyTcvxHgkxNVlbgcHQQgCfQao2
EdecAnYdSl4owjIqjUsi24o=
=VsXg
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-20101
Data: 6 Novembre 2020
Titolo: Apple Security Updates (APPLE-SA-2020-11-05)
******************************************************************
:: Descrizione
Apple ha rilasciato degli aggiornamenti di sicurezza che risolvono delle
vulnerabilita' presenti nei sistemi operativi e nelle applicazioni.
Tre delle vulnerabilita' (CVE-2020-27930, CVE-2020-27932, CVE-2020-27950)
sono attualmente in corso di sfruttamento.
Per una descrizione degli aggiornamenti consultare le segnalazioni
ufficiali alla sezione 'Riferimenti'.
:: Software interessato
iOS
iPadOS
watchOS
macOS
tvOS
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Aumento dei privilegi
Rivelazione di informazioni riservate
:: Soluzione
Aggiornare i software alle seguenti versioni:
iOS 12.4.9
iOS 14.2
iPadOS 14.2
watchOS 5.3.9
watchOS 6.2.9
watchOS 7.1
macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update
tvOS 14.2
:: Riferimenti
Apple security updates
https://support.apple.com/en-us/HT201222
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10002
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10003
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10004
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10010
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10011
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10016
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13524
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27902
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27905
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27909
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27910
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27911
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27912
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27916
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27917
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27918
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27925
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27926
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27927
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27929
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27930
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27932
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27950
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9974
GARR CERT Newsletter subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iD8DBQFfpQifwZxMk2USYEIRApIEAJ4izvL33SYyTcvxHgkxNVlbgcHQQgCfQao2
EdecAnYdSl4owjIqjUsi24o=
=VsXg
-----END PGP SIGNATURE-----