Alert GCSA-21099 - Microsoft Security Update Settembre 2021

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

******************************************************************

Alert ID: GCSA-21099
Data: 15 Settembre 2021
Titolo: Microsoft Security Update Settembre 2021

******************************************************************

:: Descrizione del problema

Microsoft ha rilasciato il security update mensile per settembre 2021,
questa versione risolve 60 vulnerabilita', delle quali 4
sono classificate come "critiche".
Una di queste e' la vulnerabilita'
"Microsoft MSHTML Remote Code Execution Vulnerability"
(https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444)
attualmente in corso di sfruttamento, di cui al seguente alert:

Alert GCSA-21093 - Microsoft MSHTML out-of-band Security Alert
(https://www.cert.garr.it/it/alert/security-alerts/listid-1/mailid-2371-alert-gcsa-21093-microsoft-mshtml-out-of-band-security-alert)

Maggiori dettagli sono disponibili alla sezione "Riferimenti".


:: Software interessato

Azure Open Management Infrastructure
Azure Sphere
Dynamics Business Central Control
Microsoft Accessibility Insights for Android
Microsoft Edge (Chromium-based)
Microsoft Edge for Android
Microsoft MPEG-2 Video Extension
Microsoft Office
Microsoft Office Access
Microsoft Office Excel
Microsoft Office SharePoint
Microsoft Office Visio
Microsoft Office Word
Microsoft Windows Codecs Library
Microsoft Windows DNS
Visual Studio
Windows Ancillary Function Driver for WinSock
Windows Authenticode
Windows Bind Filter Driver
Windows BitLocker
Windows Common Log File System Driver
Windows Event Tracing
Windows Installer
Windows Kernel
Windows Key Storage Provider
Windows MSHTML Platform
Windows Print Spooler Components
Windows Redirected Drive Buffering
Windows Scripting
Windows SMB
Windows Storage
Windows Subsystem for Linux
Windows TDX.sys
Windows Update
Windows Win32K
Windows WLAN Auto Config Service
Windows WLAN Service


:: Impatto

Spoofing
Esecuzione remota di codice arbitrario (RCE)
Denial of Service (DoS)
Acquisizione di privilegi piu' elevati (EoP)
Manipolazione dei dati (DM)
Information Disclosure (ID)
Bypass delle funzionalita' di sicurezza (SFB)


:: Soluzioni

Per default l'installazione degli aggiornamenti
avviene in maniera automatica.

Per installare manualmente scegliere
Start > Impostazioni > Aggiornamento e Sicurezza > Windows Update

Verificare di aver installato la versione piu' recente del
Servicing Stack Updates
https://msrc.microsoft.com/update-guide/en-us/vulnerability/ADV990001
https://docs.microsoft.com/it-it/windows/deployment/update/servicing-stack-updates

Windows Update domande frequenti
https://support.microsoft.com/en-us/help/12373/windows-update-faq

Gli aggiornamenti sono disponibili anche tramite il catalogo di Microsoft Update
https://www.catalog.update.microsoft.com/

Gli utenti che utilizzano ancora Windows 7, Windows Server 2008 o 2008 R2
devono acquistare l'Extended Security Update per continuare a ricevere gli aggiornamenti
https://support.microsoft.com/en-hk/help/4522133/procedure-to-continue-receiving-security-updates


:: Riferimenti

Microsoft Security Updates - Release Notes
https://msrc.microsoft.com/update-guide/releaseNote/2021-Sep

Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26435
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30606
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30607
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30608
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30610
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30611
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30612
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30613
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30614
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30615
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30616
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30617
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30618
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30619
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30620
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30621
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30622
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30623
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30624
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36956
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36960
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36962
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36969
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36972
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38624
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38629
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38632
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38635
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38636
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38637
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38644
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38645
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38646
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38647
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38648
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38649
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38650
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38654
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38655
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38656
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38657
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38658
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38659
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38660
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38661
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38667
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38669
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40448


GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert

-----BEGIN PGP SIGNATURE-----

iD8DBQFhQezHwZxMk2USYEIRApFvAJ4gWnsdZRybIQSlAtI8AYXRD3Y8tgCg27uS
uEf5j+yxyrXaaayTXcMQbGg=
=d7q5
-----END PGP SIGNATURE-----