Alert GCSA-23032 - Vulnerabilita' multiple in Microsoft Edge


******************************************************************

Alert ID: GCSA-23032
Data: 14 Marzo 2023
Titolo: Vulnerabilita' multiple in Microsoft Edge

******************************************************************

:: Descrizione del problema

Sono state identificate vulnerabilita' multiple in Microsoft Edge
che potrebbero essere sfruttate da un attaccante remoto per
eseguire codice arbitrario, innescare condizioni di Denial of Service,
rivelare informazioni riservate, consentire lo spoofing e
oltrepassare restrizioni di sicurezza su un sistema che ne sia affetto.

Maggiori dettagli sono disponibili alla sezione "Riferimenti".


:: Software interessato

Microsoft Edge Stable versioi precedenti alla 111.0.1661.41
Microsoft Edge Extended Stable versioni precedenti alla 110.0.1587.69


:: Impatto

Remote Code Execution
Denial of Service
Security Restriction Bypass
Information Disclosure
Spoofing


:: Soluzioni

Aggiornare il software alle versioni
111.0.1661.41 o successive
110.0.1587.69 o successive


:: Riferimenti

Microsoft Security Updates
https://msrc.microsoft.com/update-guide/vulnerability/

Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1213
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1214
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1215
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1216
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1217
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1218
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1219
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1220
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1222
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1228
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1229
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1230
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1231
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1233
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1235
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1236


GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----

iD8DBQFkEDc1wZxMk2USYEIRCE/SAKCxdsghQKjsmlRd8mHGGdm/4G9KAQCfeiNW
+ACkozElUS8QytFXHn1WiT0=
=ByXO
-----END PGP SIGNATURE-----