http://blogs.technet.com/feliciano_intini/archive/tags/4.0+Application+Security/default.aspxTags: 4.0 Application Securityen-USCommunityServer 2.1 SP1 (Build: 61025.2)http://blogs.technet.com/feliciano_intini/archive/2009/07/28/rilascio-straordinario-di-sicurezza-microsoft-del-28-luglio-2009-prime-indicazioni-e-raccomandazioni.aspxTue, 28 Jul 2009 21:47:28 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3268811Feliciano Intini9http://blogs.technet.com/feliciano_intini/comments/3268811.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3268811Eccomi qui, come anticipato , a spiegarvi il rilascio straordinario appena pubblicato di questi due bollettini Microsoft ( MS09-034 e MS09-035 ) e del relativo “ Microsoft Security Advisory (973882) - Vulnerabilities in Microsoft Active Template Library...(<a href="http://blogs.technet.com/feliciano_intini/archive/2009/07/28/rilascio-straordinario-di-sicurezza-microsoft-del-28-luglio-2009-prime-indicazioni-e-raccomandazioni.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3268811" width="1" height="1">3.0 Operating System Security4.0 Application SecuritySecurity Development Lifecycle (SDL)Security Bulletin and Advisory Risk AnalysisInternet Explorer SecuritySecurity EcosystemMicrosoft Active Protections Program (MAPP)http://blogs.technet.com/feliciano_intini/archive/2009/07/26/annunciato-il-rilascio-straordinario-di-due-bollettini-di-sicurezza-per-marted-28-luglio.aspxSun, 26 Jul 2009 02:24:54 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3268135Feliciano Intini0http://blogs.technet.com/feliciano_intini/comments/3268135.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3268135Microsoft ha anticipato che il prossimo martedì 28 luglio (alla tipica ora, le 10.00 AM Pacific Time di Redmond, equivalenti alle nostre 19.00) pubblicherà 2 bollettini di sicurezza: Microsoft Security Bulletin Advance Notification for July 2009 Come...(<a href="http://blogs.technet.com/feliciano_intini/archive/2009/07/26/annunciato-il-rilascio-straordinario-di-due-bollettini-di-sicurezza-per-marted-28-luglio.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3268135" width="1" height="1">4.0 Application SecuritySecurity Bulletin and Advisory Risk AnalysisInternet Explorer Securityhttp://blogs.technet.com/feliciano_intini/archive/2009/07/15/analisi-di-rischio-sui-bollettini-di-sicurezza-microsoft-luglio-2009.aspxWed, 15 Jul 2009 12:28:24 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3264603Feliciano Intini0http://blogs.technet.com/feliciano_intini/comments/3264603.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3264603L’emissione dei bollettini di sicurezza Microsoft di questo mese è caratterizzata dal rilascio di 6 bollettini , che risolvono in totale 9 vulnerabilità , purtroppo praticamente tutte tranne una caratterizzate da un elevato indice di sfruttabilità, come...(<a href="http://blogs.technet.com/feliciano_intini/archive/2009/07/15/analisi-di-rischio-sui-bollettini-di-sicurezza-microsoft-luglio-2009.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3264603" width="1" height="1">3.0 Operating System Security4.0 Application SecurityWindows Vista SecurityOffice SecurityMalware and Attack analysisWindows Server 2008 SecuritySecurity Bulletin and Advisory Risk AnalysisWindows XP SecurityISA Server 2006Scareware/RoguewareWindows 2000 SecurityWindows Server 2003 SecurityVirtual Server 2005 R2Virtual PC 2007http://blogs.technet.com/feliciano_intini/archive/2009/07/14/microsoft-security-advisory-973472-sugli-office-web-components.aspxTue, 14 Jul 2009 16:23:15 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3263811Feliciano Intini0http://blogs.technet.com/feliciano_intini/comments/3263811.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3263811E’ stato emesso il “ Microsoft Security Advisory (973472) - Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution ” per segnalare una vulnerabilità nei Microsoft Office Web Components (sono interessate diverse versioni...(<a href="http://blogs.technet.com/feliciano_intini/archive/2009/07/14/microsoft-security-advisory-973472-sugli-office-web-components.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3263811" width="1" height="1">4.0 Application SecurityOffice SecuritySecurity Bulletin and Advisory Risk AnalysisISA Server 2006http://blogs.technet.com/feliciano_intini/archive/2009/06/10/analisi-di-rischio-sui-bollettini-di-sicurezza-microsoft-giugno-2009.aspxWed, 10 Jun 2009 02:31:11 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3252770Feliciano Intini0http://blogs.technet.com/feliciano_intini/comments/3252770.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3252770L’emissione dei bollettini di sicurezza Microsoft di questo mese è caratterizzata dal rilascio di 10 bollettini , che risolvono in totale 31 vulnerabilità . Vi riporto la tabella riepilogativa dell’ exploitability index da cui si evince che quasi tutti...(<a href="http://blogs.technet.com/feliciano_intini/archive/2009/06/10/analisi-di-rischio-sui-bollettini-di-sicurezza-microsoft-giugno-2009.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3252770" width="1" height="1">3.0 Operating System Security4.0 Application SecurityWindows Vista SecurityOffice SecurityWindows Server 2008 SecuritySecurity Bulletin and Advisory Risk AnalysisInternet Explorer SecurityWindows XP SecurityActive Directory SecurityIE8 SecurityScareware/RoguewareWindows 2000 SecurityWindows Server 2003 SecurityIIS Securityhttp://blogs.technet.com/feliciano_intini/archive/2009/05/19/microsoft-security-advisory-971492-su-iis.aspxTue, 19 May 2009 15:09:56 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3243149Feliciano Intini1http://blogs.technet.com/feliciano_intini/comments/3243149.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3243149[English version below: &quot; Microsoft Security Advisory 971492 related to IIS &quot; ] E’ stato emesso il “ Microsoft Security Advisory (971492) - Vulnerability in Internet Information Services Could Allow Elevation of Privilege ” per segnalare una...(<a href="http://blogs.technet.com/feliciano_intini/archive/2009/05/19/microsoft-security-advisory-971492-su-iis.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3243149" width="1" height="1">4.0 Application SecuritySecurity Bulletin and Advisory Risk AnalysisWindows XP SecurityWindows 2000 SecurityWindows Server 2003 SecurityIIS Securityhttp://blogs.technet.com/feliciano_intini/archive/2009/04/15/analisi-di-rischio-sui-bollettini-di-sicurezza-microsoft-aprile-2009.aspxWed, 15 Apr 2009 02:17:48 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3226495Feliciano Intini1http://blogs.technet.com/feliciano_intini/comments/3226495.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3226495[English version below: &quot; Microsoft Security Bulletin Risk Analysis – April 2009 &quot; ] Come già anticipato, l’emissione dei bollettini di sicurezza Microsoft di questo mese è caratterizzata dal rilascio di 8 bollettini , che risolvono in totale...(<a href="http://blogs.technet.com/feliciano_intini/archive/2009/04/15/analisi-di-rischio-sui-bollettini-di-sicurezza-microsoft-aprile-2009.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3226495" width="1" height="1">3.0 Operating System Security2.0 Perimeter and Network Security4.0 Application SecurityWindows Vista SecurityOffice SecurityMalware and Attack analysisWindows Server 2008 SecuritySecurity Bulletin and Advisory Risk AnalysisInternet Explorer SecurityWindows XP SecurityForefront Threat Management Gateway (TMG)ISA Server 2006Windows 2000 SecurityWindows Server 2003 Securityhttp://blogs.technet.com/feliciano_intini/archive/2009/04/11/8-bollettini-di-sicurezza-microsoft-in-arrivo-per-aprile-2009.aspxSat, 11 Apr 2009 12:21:20 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3225324Feliciano Intini1http://blogs.technet.com/feliciano_intini/comments/3225324.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3225324[English version below: &quot; 8 Microsoft Security Bulletins are coming out in April 2009&quot; ] Pasqua ricca quest’anno, non solo di uova di cioccolato, ma anche di bollettini di sicurezza: se ne attendono ben 8 per il prossimo martedì 14 aprile, di...(<a href="http://blogs.technet.com/feliciano_intini/archive/2009/04/11/8-bollettini-di-sicurezza-microsoft-in-arrivo-per-aprile-2009.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3225324" width="1" height="1">3.0 Operating System Security2.0 Perimeter and Network Security4.0 Application SecurityWindows Vista SecurityOffice SecurityWindows Server 2008 SecurityInternet Explorer SecurityWindows XP SecurityForefront Threat Management Gateway (TMG)ISA Server 2006Windows 2000 SecurityWindows Server 2003 Securityhttp://blogs.technet.com/feliciano_intini/archive/2009/04/06/microsoft-security-advisory-969136-su-microsoft-office-powerpoint.aspxMon, 06 Apr 2009 12:41:35 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3222782Feliciano Intini2http://blogs.technet.com/feliciano_intini/comments/3222782.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3222782[English version below: &quot;Microsoft Security Advisory 969136 related to Microsoft Office Powerpoint &quot; ] Lo scorso 2 aprile è stato pubblicato il &quot; Microsoft Security Advisory (969136) - Vulnerability in Microsoft Office PowerPoint Could...(<a href="http://blogs.technet.com/feliciano_intini/archive/2009/04/06/microsoft-security-advisory-969136-su-microsoft-office-powerpoint.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3222782" width="1" height="1">4.0 Application SecurityOffice SecuritySecurity Bulletin and Advisory Risk Analysishttp://blogs.technet.com/feliciano_intini/archive/2009/03/19/rilasciato-internet-explorer-8.aspxThu, 19 Mar 2009 20:33:25 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3215329Feliciano Intini5http://blogs.technet.com/feliciano_intini/comments/3215329.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3215329Rilancio telegraficamente l'importante annuncio del rilascio sul web di Internet Explorer 8 , dato dai due blog di IE e Windows e ripreso da Renato: Internet Explorer 8 Final Available Now Final Release of Internet Explorer 8 Now Available Internet Explorer...(<a href="http://blogs.technet.com/feliciano_intini/archive/2009/03/19/rilasciato-internet-explorer-8.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3215329" width="1" height="1">4.0 Application SecurityInternet Explorer SecurityIE8 Securityhttp://blogs.technet.com/feliciano_intini/archive/2009/03/03/aggiornato-il-security-compliance-management-toolkit.aspxTue, 03 Mar 2009 13:50:48 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3208673Feliciano Intini1http://blogs.technet.com/feliciano_intini/comments/3208673.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3208673Prima che la notizia invecchi... :-), riprendo il post di Giorgio per avvisarvi del recente aggiornamento del Security Compliance Management Toolkit di cui vi avevo già parlato, sia quando era in beta , che nella sua prima edizione , lo scorso giugno...(<a href="http://blogs.technet.com/feliciano_intini/archive/2009/03/03/aggiornato-il-security-compliance-management-toolkit.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3208673" width="1" height="1">3.0 Operating System Security4.0 Application SecurityWindows Vista SecurityOffice SecurityWindows Server 2008 SecurityWindows XP SecuritySecurity Compliance ManagementWindows Server 2003 Securityhttp://blogs.technet.com/feliciano_intini/archive/2009/02/25/security-advisory-968272-su-excel.aspxWed, 25 Feb 2009 12:00:41 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3206484Feliciano Intini3http://blogs.technet.com/feliciano_intini/comments/3206484.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3206484Ieri sera è stato pubblicato il " Microsoft Security Advisory (968272) - Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution " per segnalare la conoscenza di alcuni attacchi limitati e circoscritti che stanno sfruttando una vulnerabilità...(<a href="http://blogs.technet.com/feliciano_intini/archive/2009/02/25/security-advisory-968272-su-excel.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3206484" width="1" height="1">4.0 Application SecurityOffice SecuritySecurity Bulletin and Advisory Risk Analysishttp://blogs.technet.com/feliciano_intini/archive/2009/02/10/analisi-di-rischio-sui-bollettini-di-sicurezza-microsoft-febbraio-2009.aspxTue, 10 Feb 2009 20:50:37 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3200320Feliciano Intini2http://blogs.technet.com/feliciano_intini/comments/3200320.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3200320Come anticipato lo scorso venerdì, questa emissione di sicurezza di febbraio 2009 vede la pubblicazione di 4 bollettini che risolvono un totale di 8 vulnerabilità, tutte non note pubblicamente fino ad oggi tranne quella relativa al bollettino di SQL che...(<a href="http://blogs.technet.com/feliciano_intini/archive/2009/02/10/analisi-di-rischio-sui-bollettini-di-sicurezza-microsoft-febbraio-2009.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3200320" width="1" height="1">3.0 Operating System Security4.0 Application SecurityOffice SecurityMalware and Attack analysisSecurity Bulletin and Advisory Risk AnalysisSQL SecurityInternet Explorer SecurityExchange Securityhttp://blogs.technet.com/feliciano_intini/archive/2009/02/06/4-bollettini-di-sicurezza-microsoft-in-arrivo-per-febbraio-2009.aspxFri, 06 Feb 2009 14:16:22 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3198037Feliciano Intini5http://blogs.technet.com/feliciano_intini/comments/3198037.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3198037Rapido post di anticipazione per il prossimo patch tuesday , che cade il prossimo 10 febbraio (al solito sarà la tarda serata di martedì per noi in Italia), e prevede l'emissione di 4 bollettini , di cui 2 Critical e 2 Important : Uno sguardo sulle versioni...(<a href="http://blogs.technet.com/feliciano_intini/archive/2009/02/06/4-bollettini-di-sicurezza-microsoft-in-arrivo-per-febbraio-2009.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3198037" width="1" height="1">3.0 Operating System Security4.0 Application SecurityOffice SecuritySecurity Bulletin and Advisory Risk AnalysisSQL SecurityInternet Explorer SecurityExchange Securityhttp://blogs.technet.com/feliciano_intini/archive/2008/12/18/ecco-il-bollettino-straordinario-ms08-078-su-ie-ed-alcune-considerazioni-sullo-scenario-di-rischio.aspxThu, 18 Dec 2008 04:19:42 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3170578Feliciano Intini7http://blogs.technet.com/feliciano_intini/comments/3170578.aspxhttp://blogs.technet.com/feliciano_intini/commentrss.aspx?PostID=3170578Puntuale rispetto al preavviso, stasera Microsoft ha rilasciato il bollettino straordinario " MS08-078 - Security Update for Internet Explorer (960714) ". L'analisi di rischio è presto fatta (anche perché la maggior parte dei dettagli importanti è stata...(<a href="http://blogs.technet.com/feliciano_intini/archive/2008/12/18/ecco-il-bollettino-straordinario-ms08-078-su-ie-ed-alcune-considerazioni-sullo-scenario-di-rischio.aspx">read more</a>)<img src="http://blogs.technet.com/aggbug.aspx?PostID=3170578" width="1" height="1">3.0 Operating System Security4.0 Application SecurityWindows Vista SecuritySecurity Development Lifecycle (SDL)Windows Server 2008 SecuritySecurity Bulletin and Advisory Risk AnalysisInternet Explorer SecurityWindows XP SecurityResponsible/full disclosureVulnerability HandlingWindows 2000 SecurityWindows Server 2003 Security