[MS11-015] Window Media Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦
¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ
¡à ¼³¸í
o Ư¼öÇÏ°Ô Á¶ÀÛµÈ Microsoft Digital Video Recoding(.dvr-ms) ÆÄÀÏÀ» ¿¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà
Ãë¾àÁ¡ÀÌ Á¸Àç
¡Ø Microsoft Digital Video Recoding(.dvr-ms): ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»ç°¡ °³¹ßÇÑ µ¶ÀÚÀûÀÎ ºñµð¿À
¹× ¿Àµð¿À ÆÄÀÏ ÄÁÅ×ÀÌ³Ê Æ÷¸Ë
o °ü·ÃÃë¾àÁ¡ :
- DirectShow Insecure Library Loading Vulnerability - CVE-2011-0032
- DVR-MS Vulnerability - CVE-2011-0042
o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
o Áß¿äµµ : ±ä±Þ
¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP Media Center Edition 2005 SP3
- Windows XP SP3
- Windows XP Professional x64 edition SP2
- Windows Vista SP1. SP2
- Windows Vista x64 Edition SP1, SP2
- Windows 7 for 32-bit Systems, Windows 7 for 32-bit Systems SP1
- Windows 7 for x64-based Systems, Windows 7 for x64-based Systems SP1
- Windows Server 2008 R2 for x64-based Systems, Windows Server 2008 R2 for x64-based
Systems SP1
- Windows Media Center TV Pack for Windows Vista (32-bit editions)
- Windows Media Center TV Pack for Windows Vista (64-bit editions)
o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP Home Edition SP3
- Windows XP Tablet PC Edition SP3
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Server 2008 for 32-bit Systems, Windows Server 2008 for 32-bit Systems SP2
- Windows Server 2008 for x64-based Systems, Windows Server 2008 for x64-based Systems
SP2
- Windows Server 2008 for Itanium-based Systems, Windows Server 2008 for Itanium-based
Systems SP2
- Windows Server 2008 R2 for Itanium-based Systems
¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë
¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-015.mspx
o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-015.mspx
[MS11-016] Microsoft Groove Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦
¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ
¡à ¼³¸í
o Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¶óÀ̺귯¸® ÆÄÀÏ°ú °°Àº ³×Æ®¿öÅ© µð·ºÅ丮¿¡ À§Ä¡ÇÑ Á¤»óÀûÀÎ Groove °ü·Ã
ÆÄÀÏÀ» »ç¿ëÀÚ°¡ ¿¾úÀ» °æ¿ì ¿ö°Ý¿¡¼ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý
¡Ø Microsoft Groove : ÆÀ ±¸¼º¿øÀÌ ¿ø°Ý¿¡¼ ÀÛ¾÷ÇÏ´Â °æ¿ì¿¡µµ È¿°úÀûÀ¸·Î ÇÔ²² ÀÛ¾÷ÇÒ ¼ö
ÀÖµµ·Ï µµ¿ÍÁÖ´Â °øµ¿ ÀÛ¾÷ ¼ÒÇÁÆ®¿þ¾î ÇÁ·Î±×·¥
o ÀÏ¹Ý »ç¿ëÀÚ ±ÇÇѺ¸´Ù °ü¸®ÀÚ ±ÇÇÑÀ» °¡Áø »ç¿ëÀÚ¿¡°Ô ´õ ¿µÇâÀ» ³¢Ä§
o °ü·ÃÃë¾àÁ¡ :
- Microsoft Groove Insecure Library Loading Vulnerability - CVE-2010-3146
o ¿µÇâ : ¿ø°ÝÄÚµå ½ÇÇà
o Áß¿äµµ : Áß¿ä
¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Microsoft Groove 2007 SP2 (32-bit versions)
o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Microsoft Groove Server 2007
- Microsoft Groove Server 2010
- Microsoft SharePoint Workspace 2010
¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë
¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-016.mspx
o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-016.mspx
[MS11-017] Remote Desktop Client Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦
¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ
¡à ¼³¸í
o Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¶óÀ̺귯¸® ÆÄÀÏ°ú °°Àº ³×Æ®¿öÅ© Æú´õ¿¡ À§Ä¡ÇÑ Á¤»óÀûÀÎ Remote Desktop
Client configuration(.rdp) ÆÄÀÏÀ» »ç¿ëÀÚ°¡ ¿¾úÀ» °æ¿ì ¿ø°Ý¿¡¼ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý
¡Ø Remote Desktop Client : ¿ø°Ý¿¡¼ Åë½ÅÇÒ ¼ö ÀÖµµ·Ï Å͹̳Π¼¹ö¿Í ¿¬°áÇÏ´Â ÇÁ·Î±×·¥
o »ç¿ëÀÚ°¡ ½Å·ÚµÇÁö ¾ÊÀº remote file system ¶Ç´Â WebDAV share¿¡ ¹æ¹®ÇÏ¿© ÆÄÀÏÀ» ¿¾úÀ» ¶§
Ãë¾àÇÑ ¾îÇø®ÄÉÀ̼ÇÀÌ ½ÇÇàµÈ´Ù.
¡ØWebDAV : WebDAV(Web-based Distributed Authoring and Versioning), À¥À» ÅëÇÏ¿©
À¥ ¼¹ö¿¡ ÆÄÀÏÀ» °ü¸®(¸ñ·Ï Á¶È¸, ¼öÁ¤, »èÁ¦, À̵¿ µî)ÇÒ ¼ö ÀÖ´Â È®ÀåµÈ HTTP ÇÁ·ÎÅäÄÝ
o °ü·ÃÃë¾àÁ¡ :
- Remote Desktop Insecure Library Loading Vulnerability - CVE-2011-0029
o ¿µÇâ : ¿ø°ÝÄÚµå ½ÇÇà
o Áß¿äµµ : Áß¿ä
¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Remote Desktop Connection 5.2 Client Windows XP SP3
- Remote Desktop Connection 6.0 Client, Remote Desktop Connection 6.1 Client Windows
XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Vista SP1, Windows Vista SP2
- Windows Vista x64 Edition SP1, Windows Vista x64 Edition SP2
- Windows Server 2008 for 32-bit Systems, Windows Server 2008 for 32-bit Systems SP2
- Windows Server 2008 for x64-based Systems, Windows Server 2008 for x64-based
Systems SP2
- Windows Server 2008 for Itanium based Systems, Windows Server 2008 for Itanium based
Systems SP2
- Remote Desktop Connection 7.0 Client Windows XP SP3
- Windows Vista SP1, Windows Vista SP2
- Windows Vista x64 Edition SP1, Windows Vista x64 Edition SP2
- Windows 7 for 32-bit Systems
- Windows 7 for x64 based Systems
- Windows Server 2008 R2 for x64 based Systems
- Windows Server 2008 R2 for Itanium based Systems
o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows 7 for 32-bit Systems SP1
- Windows 7 for x64-based Systems SP1
- Windows Server 2008 R2 for x64-based Systems SP1
- Windows Server 2008 R2 for Itanium-based Systems SP1
¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë
¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-017.mspx
o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-017.mspx
¿øº» : http://www.krcert.or.kr |
