Alert GCSA-21014 - Apple Security Updates APPLE-SA-2021-02-01 e aggiornamenti ad APPLE-SA-2021-01-26
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-21014
Data: 4 Febbraio 2021
Titolo: Apple Security Updates APPLE-SA-2021-02-01
e aggiornamenti ad APPLE-SA-2021-01-26
******************************************************************
:: Descrizione
Apple ha rilasciato degli aggiornamenti di sicurezza che risolvono delle
vulnerabilita' presenti nei sistemi operativi e nelle applicazioni.
Alcune delle vulnerabilita' sono attualmente in corso di sfruttamento.
Per una descrizione degli aggiornamenti consultare le segnalazioni
ufficiali alla sezione 'Riferimenti'.
NOTA BENE: In questo bollettino ci sono aggiornamenti del bollettino
precedente APPLE-SA-2021-02-26 per quanto riguarda iOS, iPadOS, tvOS e
watchOS, mentre si tratta di un bollettino nuovo, APPLE-SA-2021-02-01
per quanto riguarda macOS Big Sur, Catalina, Mojave.
:: Software interessato
macOS Big Sur inferiore a 11.2
Security Update 2021-001 Catalina
Security Update 2021-001 Mojave
iOS inferiore a 14.4
iPadOS inferiore a 14.4
tvOS ijnferiore a 14.4
watchOS inferiore a 7.3
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Aumento dei privilegi
Rivelazione di informazioni riservate
:: Soluzione
Aggiornare i software alle seguenti versioni:
macOS Big Sur 11.2
Security Update 2021-001 Catalina
Security Update 2021-001 Mojave
iOS 14.4
iPadOS 14.4
tvOS 14.4
watchOS 7.3
:: Riferimenti
Apple security updates
https://support.apple.com/HT212147
https://support.apple.com/en-us/HT212145
https://support.apple.com/en-us/HT212146
https://support.apple.com/en-us/HT212148
https://support.apple.com/en-us/HT212149
US-CERT
https://us-cert.cisa.gov/ncas/current-activity/2021/02/02/apple-releases-security-updates
CIS Center of Internet Security (updated)
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-apple-products-could-allow-for-arbitrary-code-execution_2021-015/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2019-20838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-14155
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-15358
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-25709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-27904
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-27937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-27938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-27945
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-29608
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-29614
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-29633
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1736
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1737
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1738
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1741
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1743
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1744
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1751
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1753
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1754
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1757
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1758
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1759
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1760
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1761
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1763
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1764
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1765
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1766
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1767
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1768
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1769
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1771
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1772
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1773
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1774
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1775
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1776
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1777
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1779
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1782
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1783
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1785
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1786
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1787
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1788
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1789
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1790
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1791
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1793
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1799
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1801
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1802
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1818
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1870
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1871
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCYBv6TgAKCRDBnEyTZRJg
Qq7iAKDb+eam4ZOiqbC5AA1WU8JGlcXraACgoeBBXWynfN8nYOm5T4e1TqPAVbY=
=mOOP
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-21014
Data: 4 Febbraio 2021
Titolo: Apple Security Updates APPLE-SA-2021-02-01
e aggiornamenti ad APPLE-SA-2021-01-26
******************************************************************
:: Descrizione
Apple ha rilasciato degli aggiornamenti di sicurezza che risolvono delle
vulnerabilita' presenti nei sistemi operativi e nelle applicazioni.
Alcune delle vulnerabilita' sono attualmente in corso di sfruttamento.
Per una descrizione degli aggiornamenti consultare le segnalazioni
ufficiali alla sezione 'Riferimenti'.
NOTA BENE: In questo bollettino ci sono aggiornamenti del bollettino
precedente APPLE-SA-2021-02-26 per quanto riguarda iOS, iPadOS, tvOS e
watchOS, mentre si tratta di un bollettino nuovo, APPLE-SA-2021-02-01
per quanto riguarda macOS Big Sur, Catalina, Mojave.
:: Software interessato
macOS Big Sur inferiore a 11.2
Security Update 2021-001 Catalina
Security Update 2021-001 Mojave
iOS inferiore a 14.4
iPadOS inferiore a 14.4
tvOS ijnferiore a 14.4
watchOS inferiore a 7.3
:: Impatto
Esecuzione remota di codice arbitrario
Denial of Service
Aumento dei privilegi
Rivelazione di informazioni riservate
:: Soluzione
Aggiornare i software alle seguenti versioni:
macOS Big Sur 11.2
Security Update 2021-001 Catalina
Security Update 2021-001 Mojave
iOS 14.4
iPadOS 14.4
tvOS 14.4
watchOS 7.3
:: Riferimenti
Apple security updates
https://support.apple.com/HT212147
https://support.apple.com/en-us/HT212145
https://support.apple.com/en-us/HT212146
https://support.apple.com/en-us/HT212148
https://support.apple.com/en-us/HT212149
US-CERT
https://us-cert.cisa.gov/ncas/current-activity/2021/02/02/apple-releases-security-updates
CIS Center of Internet Security (updated)
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-apple-products-could-allow-for-arbitrary-code-execution_2021-015/
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2019-20838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-14155
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-15358
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-25709
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-27904
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-27937
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-27938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-27945
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-29608
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-29614
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2020-29633
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1736
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1737
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1738
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1741
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1743
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1744
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1747
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1750
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1751
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1753
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1754
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1757
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1758
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1759
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1760
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1761
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1763
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1764
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1765
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1766
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1767
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1768
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1769
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1771
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1772
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1773
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1774
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1775
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1776
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1777
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1779
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1782
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1783
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1785
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1786
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1787
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1788
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1789
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1790
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1791
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1793
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1799
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1801
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1802
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1818
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1870
https://cve.mitre.org/cgi-bin/cvename.cgi?name=/CVE-2021-1871
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCYBv6TgAKCRDBnEyTZRJg
Qq7iAKDb+eam4ZOiqbC5AA1WU8JGlcXraACgoeBBXWynfN8nYOm5T4e1TqPAVbY=
=mOOP
-----END PGP SIGNATURE-----