Alert GCSA-22104 - Apple Security Updates APPLE-SA-2022-09-12
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
alert ID: GCSA-22104
data: 13 settembre 2022
titolo: Apple Security Updates APPLE-SA-2022-09-12
******************************************************************
:: Descrizione del problema
Apple ha rilasciato i seguenti aggiornamenti di sicurezza
per risolvere varie vulnerabilita' software presenti nei
sistemi operativi e nelle applicazioni di cui una 0-day.
APPLE-SA-2022-09-12-1 iOS 16
APPLE-SA-2022-09-12-2 iOS 15.7 and iPadOS 15.7
APPLE-SA-2022-09-12-3 macOS Big Sur 11.7
APPLE-SA-2022-09-12-4 macOS Monterey 12.6
APPLE-SA-2022-09-12-5 Safari 16
NB: le CVE-2022-32917 e CVE-2022-32894 sono al momento ampiamente
sfruttate in rete
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
iOS versioni precedenti alla 15.7
iPadOS versioni precedenti alla 15.7
macOS Monterey versioni precedenti alla 12.6
macOS Big Sur versioni precedenti alla 11.7
Safari browser versioni precedenti alla 16
:: Impatto
Rivelazione di informazioni (ID)
Esecuzione remota di codice arbitrario (RCE)
Acquisizione di privilegi piu' elevati (EoP)
Bypass delle funzionalita' di sicurezza (SFB)
Denial of Service (DoS)
Spoofing
:: Soluzione
Aggiornare il software alle ultime versioni
iOS 16 o 15.7
iPadOS 15.7
macOS Monterey 12.6
macOS Big Sur 11.7
Safari browser 16
Aggiornare il software sul Mac
https://support.apple.com/it-it/HT201541
Keep your Mac up to date
https://support.apple.com/en-in/guide/mac-help/mchlpx1065/mac
Aggiornare iPhone, iPad o iPod touch
https://support.apple.com/it-it/HT204204
https://www.apple.com/itunes/
L'aggiornamento e' disponibile tramite iTunes e
"Aggiornamento software" sul tuo dispositivo iOS
e non verra' visualizzato nell'applicazione
"Aggiornamento software" del tuo computer o nel
sito di download di Apple. Assicurati di aver
installato l'ultima versione di iTunes da
https://www.apple.com/itunes/
:: Riferimenti
Aggiornamenti di sicurezza Apple
https://support.apple.com/it-it/HT201222
https://support.apple.com/kb/HT213442
https://support.apple.com/kb/HT213446
https://support.apple.com/kb/HT213444
https://support.apple.com/kb/HT213443
https://support.apple.com/kb/HT213445
CSIRT Italia
https://www.csirt.gov.it/contenuti/aggiornamenti-di-sicurezza-apple-al01-220913-csirt-ita
CIS - Center for Internet Security
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-apple-products-could-allow-for-arbitrary-code-execution_2022-112
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32854
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32864
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32868
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32872
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32883
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32886
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32891
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32894
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32896
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32900
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32902
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32908
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32911
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32912
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32917
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEAREIAAYFAmMhh5IACgkQwZxMk2USYEIB5wCfTjHqz225gDr4qQTCidKXTzhR
7RgAn2AIpExiEYqLW54SjqSdQBxaVYko
=r/Wd
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
alert ID: GCSA-22104
data: 13 settembre 2022
titolo: Apple Security Updates APPLE-SA-2022-09-12
******************************************************************
:: Descrizione del problema
Apple ha rilasciato i seguenti aggiornamenti di sicurezza
per risolvere varie vulnerabilita' software presenti nei
sistemi operativi e nelle applicazioni di cui una 0-day.
APPLE-SA-2022-09-12-1 iOS 16
APPLE-SA-2022-09-12-2 iOS 15.7 and iPadOS 15.7
APPLE-SA-2022-09-12-3 macOS Big Sur 11.7
APPLE-SA-2022-09-12-4 macOS Monterey 12.6
APPLE-SA-2022-09-12-5 Safari 16
NB: le CVE-2022-32917 e CVE-2022-32894 sono al momento ampiamente
sfruttate in rete
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
iOS versioni precedenti alla 15.7
iPadOS versioni precedenti alla 15.7
macOS Monterey versioni precedenti alla 12.6
macOS Big Sur versioni precedenti alla 11.7
Safari browser versioni precedenti alla 16
:: Impatto
Rivelazione di informazioni (ID)
Esecuzione remota di codice arbitrario (RCE)
Acquisizione di privilegi piu' elevati (EoP)
Bypass delle funzionalita' di sicurezza (SFB)
Denial of Service (DoS)
Spoofing
:: Soluzione
Aggiornare il software alle ultime versioni
iOS 16 o 15.7
iPadOS 15.7
macOS Monterey 12.6
macOS Big Sur 11.7
Safari browser 16
Aggiornare il software sul Mac
https://support.apple.com/it-it/HT201541
Keep your Mac up to date
https://support.apple.com/en-in/guide/mac-help/mchlpx1065/mac
Aggiornare iPhone, iPad o iPod touch
https://support.apple.com/it-it/HT204204
https://www.apple.com/itunes/
L'aggiornamento e' disponibile tramite iTunes e
"Aggiornamento software" sul tuo dispositivo iOS
e non verra' visualizzato nell'applicazione
"Aggiornamento software" del tuo computer o nel
sito di download di Apple. Assicurati di aver
installato l'ultima versione di iTunes da
https://www.apple.com/itunes/
:: Riferimenti
Aggiornamenti di sicurezza Apple
https://support.apple.com/it-it/HT201222
https://support.apple.com/kb/HT213442
https://support.apple.com/kb/HT213446
https://support.apple.com/kb/HT213444
https://support.apple.com/kb/HT213443
https://support.apple.com/kb/HT213445
CSIRT Italia
https://www.csirt.gov.it/contenuti/aggiornamenti-di-sicurezza-apple-al01-220913-csirt-ita
CIS - Center for Internet Security
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-apple-products-could-allow-for-arbitrary-code-execution_2022-112
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32854
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32864
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32868
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32872
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32883
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32886
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32891
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32894
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32896
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32900
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32902
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32908
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32911
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32912
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32917
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEAREIAAYFAmMhh5IACgkQwZxMk2USYEIB5wCfTjHqz225gDr4qQTCidKXTzhR
7RgAn2AIpExiEYqLW54SjqSdQBxaVYko
=r/Wd
-----END PGP SIGNATURE-----