Alert GCSA-23066 - Apple Security Updates APPLE-SA-2023-05-18

-----BEGIN PGP SIGNED MESSAGE-----

******************************************************************

Alert ID: GCSA-23066
Data: 19 Maggio 2023
Titolo: Apple Security Updates APPLE-SA-2023-05-18

******************************************************************

:: Descrizione del problema

Apple ha rilasciato i seguenti aggiornamenti di sicurezza
per risolvere alcune vulnerabilita' presenti nei sistemi operativi
e nelle applicazioni.

APPLE-SA-2023-05-18-1 iOS 16.5 and iPadOS 16.5
APPLE-SA-2023-05-18-2 iOS 15.7.6 and iPadOS 15.7.6
APPLE-SA-2023-05-18-3 macOS Ventura 13.4
APPLE-SA-2023-05-18-4 macOS Monterey 12.6.6
APPLE-SA-2023-05-18-5 macOS Big Sur 11.7.7
APPLE-SA-2023-05-18-6 tvOS 16.5
APPLE-SA-2023-05-18-7 watchOS 9.5
APPLE-SA-2023-05-18-8 Safari 16.5


Le vulnerabilita' CVE-2023-32409, CVE-2023-28204 e CVE-2023-32373
risultano attualmente in corso di sfruttamento.

Maggiori informazioni sono disponibili alla sezione "Riferimenti".


:: Software interessato

iOS e iPadOS versioni precedenti alla 16.5
iOS e iPadOS versioni precedenti alla 15.7.6
macOS Ventura versioni precedenti alla 13.4
macOS Monterey versioni precedenti alla 12.6.6
macOS Big Sur versioni precedenti alla 11.7.7
Safari browser versioni precedenti alla 16.5
tvOS versioni precedenti alla 16.5
watchOS versioni precedenti alla 9.5


:: Impatto

Denial of Service
Elevation of Privilege
Remote Code Execution
Information Disclosure
Security Restriction Bypass


:: Soluzione

Aggiornare il software alle ultime versioni

iOS e iPadOS 16.5
iOS e iPadOS 15.7.6
macOS Ventura 13.4
macOS Monterey 12.6.6
macOS Big Sur 11.7.7
Safari browser 16.5
tvOS 16.5
watchOS 9.5

Aggiornare il software sul Mac
https://support.apple.com/it-it/HT201541

Keep your Mac up to date
https://support.apple.com/en-in/guide/mac-help/mchlpx1065/mac

Aggiornare iPhone, iPad o iPod touch
https://support.apple.com/it-it/HT204204
https://www.apple.com/itunes/

L'aggiornamento e' disponibile tramite iTunes e
"Aggiornamento software" sul tuo dispositivo iOS
e non verra' visualizzato nell'applicazione
"Aggiornamento software" del tuo computer o nel
sito di download di Apple. Assicurati di aver
installato l'ultima versione di iTunes da
https://www.apple.com/itunes/


:: Riferimenti

Apple security updates
https://support.apple.com/en-us/HT201222

About the security content of iOS 16.5 and iPadOS 16.5
https://support.apple.com/en-us/HT213757

About the security content of macOS Ventura 13.4
https://support.apple.com/en-us/HT213758

About the security content of macOS Monterey 12.6.6
https://support.apple.com/en-us/HT213759

About the security content of macOS Big Sur 11.7.7
https://support.apple.com/en-us/HT213760

About the security content of tvOS 16.5
https://support.apple.com/en-us/HT213761

About the security content of Safari 16.5
https://support.apple.com/en-us/HT213762

About the security content of watchOS 9.5
https://support.apple.com/en-us/HT213764

About the security content of iOS 15.7.6 and iPadOS 15.7.6
https://support.apple.com/en-us/HT213765

Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23532
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23535
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27930
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27940
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27945
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28181
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28191
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28202
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28204
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32352
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32354
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32355
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32360
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32363
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32365
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32367
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32368
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32369
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32371
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32372
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32373
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32375
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32376
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32380
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32382
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32385
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32386
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32387
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32388
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32389
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32390
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32391
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32392
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32394
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32395
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32397
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32398
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32399
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32400
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32402
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32403
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32404
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32407
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32409
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32410
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32411
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32412
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32413
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32414
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32415
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32419
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32420
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32422
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32423




GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----

iD8DBQFkZ0fewZxMk2USYEIRCH/tAKCX6PlLmp44lruGhrvfj2cDN29oJQCeOt7d
6v9TlJGmbDYMENx+umKL2IU=
=Ydj5
-----END PGP SIGNATURE-----