È£½ºÆà ȣ½ºÆà µµ¸ÞÀÎ ¸¶ÀÌÆäÀÌÁö °í°´¼¾ÅÍ

È£½ºÆà ¼¾ÅÍ Å¸ÀÌƲ
°ßÀû¿äû
È£½ºÆÿ¬Àå µµ¸ÞÀο¬Àå È£½ºÆÿ¬Àå µµ¸ÞÀο¬Àå
ÅëÇÕÀ¥FTPÁ¢¼Ó
  • ³×ÀÓ¼­¹ö
  • 1Â÷
    hns1.nsgodo.com
    IP: 180.210.127.112
  • 2Â÷
    hns2.nsgodo.com
    IP: 211.233.51.3
°í°´¼¾ÅÍ Àå¾Ö½Å°í
¾È³çÇϼ¼¿ä. nhngodo ÀÔ´Ï´Ù. Á¤ºÎ¿¡¼­ 2020³â±îÁö °ø°øºÐ¾ß ¹× ¹Î°£À¥»çÀÌÆ® ¾×Ƽºêx ÆóÁö ¹× °³¼± ±Ç°í¾È³»·Î ÀÎÇØ ¾×ƼºêX·Î ±¸ÇöµÇ¾î Àִ ȣ½ºÆÃ¿ë °íµµ ÅëÇÕ À¥ FTP Á¦°øÀ» 2019³â¿¡ Á¾·á ¿¹Á¤¿¡ ÀÖ½À´Ï´Ù. ÃßÈÄ ´õ ÁÁÀº ¼­ºñ½º·Î Á¦°ø ¿¹Á¤ÀÌ¿À´Ï ¸¹Àº ¾çÇØ ºÎŹ µå¸®¸ç, ÀÌ¿¡ µû¶ó ÇØ´ç °íµµ FTP ´ë½Å ¾Æ·¡ ¸µÅ©¸¦ ÅëÇÏ¿© FTP ÇÁ·Î±×·¥À» ¼³Ä¡ÇÏ¿© »ç¿ëÇϽñ⸦ ±ÇÀåÇص帳´Ï´Ù. ¾×ƼºêX¶õ? Internet Explore »ç¿ëÀÚ°¡ À¥¼­ºñ½º¸¦ ÀÌ¿ëÇϴµ¥ ÇÊ¿äÇÑ ÀÀ¿ë ÇÁ·Î±×·¥À» ÄÄÇ»ÅÍ¿¡ ÀÚµ¿À¸·Î ¼³Ä¡ÇØÁÖ´Â ±â¼ú·Î ÄÄÇ»ÅÍÀÇ º¸¾ÈÀ» ÀϽÃÀûÀ¸·Î ÇØÁ¦ÇÏ´Â ±â´ÉÀÌ ÀÖ¾î º¸¾È¿¡ Ãë¾àÇÏ¿© Á¤ºÎ¿¡¼­µµ ¾×Ƽºê X¸¦ ÆóÁöÇ϶ó°í ±Ç°íÇÏ°í ÀÖ½À´Ï´Ù.
FTP ÇÁ·Î±×·¥ (¹«·áÇü ÇÁ·Î±×·¥) ´Ù¿î·Îµå ¹Ù·Î°¡±â
  • FileZilla ´Ù¿î·Îµå
  • FileZilla ¸Å´º¾ó ´Ù¿î·Îµå
´Ý±â
Á¦¸ñ [MS º¸¾È¾÷µ¥ÀÌÆ®]2011³â 2¿ù MS Á¤±â º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í Á¶È¸¼ö 2,662°Ç
[MS11-003] Internet Explorer ´©Àû º¸¾È ¾÷µ¥ÀÌÆ® ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É ¡à ¼³¸í o °ø°³µÈ Ãë¾àÁ¡ 2°³¸¦ Æ÷ÇÔÇÑ ÃÑ 4°³ÀÇ Ãë¾àÁ¡¿¡ ´ëÇÑ º¸¾È¾÷µ¥ÀÌÆ® o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛÇÑ À¥ÆäÀÌÁö¸¦ »ç¿ëÀÚ°¡ ¿­¾îº¸µµ·Ï À¯µµÇÏ¿© ·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ¿ø°ÝÄÚµå ½ÇÇà°¡´É o °ü·ÃÃë¾àÁ¡ : - CSS Memory Corruption Vulnerability - CVE-2010-3971 - Uninitialized Memory Corruption Vulnerability - CVE-2011-0035 - Uninitialized Memory Corruption Vulnerability - CVE-2011-0036 - Internet Explorer Insecure Library Loading Vulnerability - CVE-2011-0038 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : ±ä±Þ ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Internet Explorer 6 with Windows XP SP3 - Internet Explorer 6 with Windows Pro x64 SP2 - Internet Explorer 6 with Windows Server 2003 SP2 - Internet Explorer 6 with Windows Server 2003 x64 SP2 - Internet Explorer 6 with Windows Server 2003 SP2 for Itanium-based Systems - Internet Explorer 7 with Windows XP SP3 - Internet Explorer 7 with Windows Pro x64 SP2 - Internet Explorer 7 with Windows Server 2003 SP2 - Internet Explorer 7 with Windows Server 2003 x64 SP2 - Internet Explorer 7 with Windows Server 2003 SP2 for Itanium-based Systems - Internet Explorer 7 with Windows Vista SP1, SP2 - Internet Explorer 7 with Windows Vista x64 SP1, SP2 - Internet Explorer 7 with Windows Server 2008, SP2 - Internet Explorer 7 with Windows Server 2008 x64, SP2 - Internet Explorer 7 with Windows Server for Itanium-based Systems, SP2 - Internet Explorer 8 with Windows XP SP3 - Internet Explorer 8 with Windows XP Pro x64 SP2 - Internet Explorer 8 with Windows Server 2003 SP2 - Internet Explorer 8 with Windows Server 2003 x64 SP2 - Internet Explorer 8 with Windows Vista SP1, SP2 - Internet Explorer 8 with Windows Vista x64 SP1, SP2 - Internet Explorer 8 with Windows Server 2008 SP1, SP2 - Internet Explorer 8 with Windows Server 2008 x64 SP1, SP2 - Internet Explorer 8 with Windows 7 - Internet Explorer 8 with Windows 7 x64 - Internet Explorer 8 with Windows Server 2008 R2 for x64 - Internet Explorer 8 with Windows Server 2008 R2 for Itanium-based Systems ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-003.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-003.mspx [MS11-004] Internet Information Services Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o IIS FTP ¼­ºñ½ºÀÇ FTP ¼­¹ö°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ FTP ¸í·ÉÀ» ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ¿ø°ÝÄÚµå½ÇÇàÀÌ °¡´ÉÇÑ Ãë¾àÁ¡ Á¸Àç ¡Ø IIS(Internet Information Services) : FTP, SMTP, NNTP, HTTP/HTTPS µîÀÇ ÇÁ·ÎÅäÄÝÀ» Áö¿øÇÏ´Â MSÀÇ ÀÎÅÍ³Ý Á¤º¸ ¼­ºñ½º o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ FTP ¸í·ÉÀ» Àü¼ÛÇÏ¿© ÀÓÀÇÀÇ ¿ø°ÝÄÚµå ½ÇÇà°¡´É o °ü·ÃÃë¾àÁ¡ : - IIS FTP Service Heap Buffer Overrun Vulnerability - CVE-2010-3972 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - IIS FTP 7.0, 7.5 on Windows Vista SP1, SP2 - IIS FTP 7.0, 7.5 on Windows Vista x64 Edition SP1, SP2 - IIS FTP 7.0, 7.5 on Windows Server 2008 for 32-bit Systems, SP2 - IIS FTP 7.0, 7.5 on Windows Server 2008 for x64-based Systems, SP2 - IIS FTP 7.5 on Windows 7 for 32-bit Systems - IIS FTP 7.5 on Windows 7 for x64-based Systems - IIS FTP 7.5 on Windows Server 2008 R2 for x64-based Systems - IIS FTP 7.5 on Windows Server 2008 R2 for Itanium-based Systems o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - IIS FTP 5.1 on Windows XP SP3 - IIS FTP 5.1 on Windows XP Professional x64 Edition SP2 - IIS FTP 6.0 on Windows Server 2003 SP2 - IIS FTP 6.0 on Windows Server 2003 x64 Edition SP2 - IIS FTP 6.0 on Windows Server 2003 with SP2 for Itanium-based Systems - IIS FTP 6.0 on Windows Vista SP1, SP2 - IIS FTP 6.0 on Windows Vista x64 Edition SP1, SP2 - IIS FTP 6.0 on Windows Server 2008 for 32-bit Systems, SP2 - IIS FTP 6.0 on Windows Server 2008 for x64-based Systems, SP2 - IIS FTP 6.0 on Windows Server 2008 for Itanium-based Systems, SP2 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-004.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-004.mspx [MS11-005] Active Directory Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¼­ºñ½º°ÅºÎ ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¼­ºñ½º°ÅºÎ »óÅ·Π¸¸µé ¼ö ÀÖÀ½ ¡à ¼³¸í o Active Directory ¼­¹ö°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÆÐŶÀ» ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ¼­ºñ½º°ÅºÎ Ãë¾àÁ¡ÀÌ ¹ß»ý ¡Ø Active Directory : À©µµ¿ì ¿î¿µÃ¼Á¦¿¡¼­ »ç¿ëÀÚ, »ç¿ëÀÚ ±×·ì, ³×Æ®¿÷ µ¥ÀÌÅÍ µîÀ» Çϳª·Î ÅëÇÕ °ü¸®ÇÏ´Â µð·ºÅ丮 ¼­ºñ½º o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÆÐŶÀ» Àü¼ÛÇÏ¿© ¼­ºñ½º°ÅºÎ ¹ß»ý°¡´É o °ü·ÃÃë¾àÁ¡ : - Active Directory SPN Validation Vulnerability - CVE-2011-0040 o ¿µÇâ : ¼­ºñ½º°ÅºÎ o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Active Directory on Windows Server 2003 SP2 - Active Directory on Windows Server 2003 x64 Edition SP2 - Active Directory on Windows Server 2003 with SP2 for Itanium-based Systems o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - ADAM on Windows XP SP3 - ADAM on Windows XP Professional x64 Edition SP2 - ADAM on Windows Server 2003 SP2 - ADAM on Windows Server 2003 x64 Edition SP2 - AD LDS on Windows Vista SP1, SP2 - AD LDS on Windows Vista x64 Edition SP1, SP2 - AD, AD LDS on Windows Server 2008 for 32-bit Systems, SP2 - AD, AD LDS on Windows Server 2008 for x64-based Systems, SP2 - Windows Server 2008 for Itanium-based Systems, SP2 - AD LDS on Windows 7 for 32-bit Systems - AD LDS on Windows 7 for x64-based Systems - AD, AD LDS Windows Server 2008 R2 for x64-based Systems - Windows Server 2008 R2 for Itanium-based Systems ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-005.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-005.mspx [MS11-006] Windows Shell Graphics Processor Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É ¡à ¼³¸í o Windows Shell Graphics Processor°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ À̹ÌÁö¸¦ ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ¿ø°ÝÄÚµå½ÇÇàÀÌ °¡´ÉÇÑ Ãë¾àÁ¡ Á¸Àç ¡Ø Windows Shell Graphics Processor : À©µµ¿ì ¿î¿µÃ¼Á¦¿¡¼­ Ž»ö±â¿¡ À̹ÌÁö ÆÄÀÏÀ» °£·«ÇÏ°Ô º¸¿©ÁÖ±â À§ÇØ »ç¿ëµÇ´Â ¸ðµâ o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ À̹ÌÁö ÆÄÀÏÀ» »ç¿ëÀÚ°¡ ¿­¾îº¸µµ·Ï À¯µµÇÏ¿© ·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ¿ø°ÝÄÚµå ½ÇÇà°¡´É o °ü·ÃÃë¾àÁ¡ : - Windows Shell Graphics Processing Overrun Vulnerability - CVE-2010-3970 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : ±ä±Þ ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems - Windows Vista SP1, SP2 - Windows Vista x64 Edition SP1, SP2 - Windows Server 2008 for 32-bit Systems, SP2 - Windows Server 2008 for x64-based Systems, SP2 - Windows Server 2008 for Itanium-based Systems, SP2 o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - Windows 7 for 32-bit Systems - Windows 7 for x64-based Systems - Windows Server 2008 R2 for x64-based Systems - Windows Server 2008 R2 for Itanium-based Systems ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-006.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-006.mspx [MS11-007] OpenType Compact Font Format µå¶óÀ̹öÃë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o OpenType Compact Font Format µå¶óÀ̹ö°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÆùÆ®¸¦ ÀÌ¿ëÇÏ´Â °úÁ¤¿¡¼­ ¿ø°ÝÄÚµå½ÇÇàÀÌ °¡´ÉÇÑ Ãë¾àÁ¡ Á¸Àç ¡Ø OpenType Compact Font Format : MS À©µµ¿ì¿Í ¾ÖÇà MAC ¿î¿µÃ¼°è¿¡¼­ »ç¿ëµÇ´Â Æ®·çŸÀÔ ÆùÆ® ÆÄÀÏ Çü½ÄÀ» È®ÀåÇÑ ±Û²Ã ÆÄÀÏ Çü½Ä o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÆùÆ®¸¦ »ç¿ëÀÚ°¡ »ç¿ëÇϵµ·Ï À¯µµÇÏ¿© ÀÓÀÇÀÇ ¿ø°ÝÄÚµå ½ÇÇà°¡´É o °ü·ÃÃë¾àÁ¡ : - OpenType Font Encoded Character Vulnerability - CVE-2011-0033 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : ±ä±Þ ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems - Windows Vista SP1, SP2 - Windows Vista x64 Edition SP1, SP2 - Windows Server 2008 for 32-bit Systems, SP2 - Windows Server 2008 for x64-based Systems, SP2 - Windows Server 2008 for Itanium-based Systems, SP2 - Windows 7 for 32-bit Systems - Windows 7 for x64-based Systems - Windows Server 2008 R2 for x64-based Systems - Windows Server 2008 R2 for Itanium-based Systems ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-007.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-007.mspx [MS11-008] Microsoft Visio Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É ¡à ¼³¸í o Microsoft Visio°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ Visio ÆÄÀÏÀ» ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ¿ø°ÝÄÚµå½ÇÇàÀÌ °¡´ÉÇÑ Ãë¾àÁ¡ Á¸Àç o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ Visio ÆÄÀÏÀ» »ç¿ëÀÚ°¡ ¿­¾îº¸µµ·Ï À¯µµÇÏ¿© ·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ¿ø°ÝÄÚµå ½ÇÇà°¡´É o °ü·ÃÃë¾àÁ¡ : - Visio Object Memory Corruption Vulnerability - CVE-2011-0092 - Visio Data Type Memory Corruption Vulnerability - CVE-2011-0093 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Microsoft Visio 2002 SP2 - Microsoft Visio 2003 SP3 - Microsoft Visio 2007 SP2 o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - Microsoft Visio 2010 (32-bit editions) - Microsoft Visio 2010 (64-bit editions) - Microsoft Visio 2007 Viewer - Microsoft Visio 2010 Viewer ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-008.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-008.mspx [MS11-009] JScript/VBScript Scripting ¿£Áø Ãë¾àÁ¡À¸·Î ÀÎÇÑ Á¤º¸´©Ãâ ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇÑ Á¤º¸´©Ãâ ¡à ¼³¸í o JScript/VBScript Scripting ¿£ÁøÀÌ Æ¯¼öÇÏ°Ô Á¶ÀÛµÈ À¥ÆäÀÌÁö¸¦ ó¸®ÇÏ´Â °úÁ¤¿¡¼­ Á¤º¸´©Ãâ Ãë¾àÁ¡ÀÌ ¹ß»ý o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ À¥ÆäÀÌÁö¸¦ »ç¿ëÀÚ°¡ ¿­¾îº¸µµ·Ï À¯µµÇÏ¿© Á¤º¸´©Ã⠹߻ý°¡´É o °ü·ÃÃë¾àÁ¡ : - Scripting Engines Information Disclosure Vulnerability - CVE-2011-0031 o ¿µÇâ : Á¤º¸´©Ãâ o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows 7 for 32-bit Systems - Windows 7 for x64-based Systems - Windows Server 2008 R2 for x64-based Systems - Windows Server 2008 R2 for Itanium-based Systems o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems - Windows Vista SP1, SP2 - Windows Vista x64 Edition SP1, SP2 - Windows Server 2008 for 32-bit Systems, SP2 - Windows Server 2008 for x64-based Systems, SP2 - Windows Server 2008 for Itanium-based Systems, SP2 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-009.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-009.mspx [MS11-010] Windows Client/Server Run-time Subsystem Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ»ó½Â ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Windows¿¡¼­ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀÌ ½ÇÇàµÇ´Â °úÁ¤ Áß, Client/Server Run-time SubsystemÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇØ ±ÇÇÑ»ó½ÂÀÌ ¹ß»ý ¡Ø Windows Client/Server Run-time Subsystem : Win32 ¼­ºê½Ã½ºÅÛÀÇ »ç¿ëÀÚ¸ðµå ºÎºÐÀ¸·Î ÄÜ¼Ö À©µµ¿ì, ½º·¹µåÀÇ »ý¼º/»èÁ¦ µî¿¡ °ü¿©Çϸç Ç×»ó ½ÇÇàµÇ¾î¾ß ÇÏ´Â ±âº»ÀûÀÎ ¼­ºê½Ã½ºÅÛ o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀ» »ç¿ëÀÚ°¡ ½ÇÇàÇϵµ·Ï À¯µµÇÏ¿© ±ÇÇÑ»ó½Â ¹ß»ý°¡´É o °ü·ÃÃë¾àÁ¡ : - CSRSS Elevation of Privilege Vulnerability - CVE-2011-0030 o ¿µÇâ : ±ÇÇÑ»ó½Â o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - Windows Vista SP1, SP2 - Windows Vista x64 Edition SP1, SP2 - Windows Server 2008 for 32-bit Systems, SP2 - Windows Server 2008 for x64-based Systems, SP2 - Windows Server 2008 for Itanium-based Systems, SP2 - Windows 7 for 32-bit Systems - Windows 7 for x64-based Systems - Windows Server 2008 R2 for x64-based Systems - Windows Server 2008 R2 for Itanium-based Systems ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-010.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-010.mspx [MS11-011] Windows Kernel Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ»ó½Â ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Windows¿¡¼­ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀÌ ½ÇÇàµÇ´Â °úÁ¤ Áß, Windows KernelÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇØ ±ÇÇÑ»ó½ÂÀÌ ¹ß»ý o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀ» »ç¿ëÀÚ°¡ ½ÇÇàÇϵµ·Ï À¯µµÇÏ¿© ±ÇÇÑ»ó½Â ¹ß»ý°¡´É o °ü·ÃÃë¾àÁ¡ : - Driver Improper Interaction with Windows Kernel Vulnerability - CVE-2010-4398 - Windows Kernel Integer Truncation Vulnerability - CVE-2011-0045 o ¿µÇâ : ±ÇÇÑ»ó½Â o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems - Windows Vista SP1, SP2 - Windows Vista x64 Edition SP1, SP2 - Windows Server 2008 for 32-bit Systems, SP2 - Windows Server 2008 for x64-based Systems, SP2 - Windows Server 2008 for Itanium-based Systems, SP2 - Windows 7 for 32-bit Systems - Windows 7 for x64-based Systems - Windows Server 2008 R2 for x64-based Systems - Windows Server 2008 R2 for Itanium-based Systems ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-011.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-011.mspx [MS11-012] Windows Kernel-Mode µå¶óÀ̹ö Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ»ó½Â ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Windows¿¡¼­ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀÌ ½ÇÇàµÇ´Â °úÁ¤ Áß, Windows Kernel-Mode µå¶óÀ̹öÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇØ ±ÇÇÑ»ó½ÂÀÌ ¹ß»ý o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀ» »ç¿ëÀÚ°¡ ½ÇÇàÇϵµ·Ï À¯µµÇÏ¿© ±ÇÇÑ»ó½Â ¹ß»ý°¡´É o °ü·ÃÃë¾àÁ¡ : - Win32k Improper User Input Validation Vulnerability - CVE-2011-0086 - Win32k Insufficient User Input Validation Vulnerability - CVE-2011-0087 - Win32k Window Class Pointer Confusion Vulnerability - CVE-2011-0088 - Win32k Window Class Improper Pointer Validation Vulnerability - CVE-2011-0089 - Win32k Memory Corruption Vulnerability - CVE-2011-0090 o ¿µÇâ : ±ÇÇÑ»ó½Â o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems - Windows Vista SP1, SP2 - Windows Vista x64 Edition SP1, SP2 - Windows Server 2008 for 32-bit Systems, SP2 - Windows Server 2008 for x64-based Systems, SP2 - Windows Server 2008 for Itanium-based Systems, SP2 - Windows 7 for 32-bit Systems - Windows 7 for x64-based Systems - Windows Server 2008 R2 for x64-based Systems - Windows Server 2008 R2 for Itanium-based Systems ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-012.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-012.mspx [MS11-013] Kerberos Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ»ó½Â ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Windows¿¡¼­ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¼­ºñ½º°¡ µ¿ÀÛÇÏ´Â °úÁ¤ Áß, KerberosÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇØ ±ÇÇÑ »ó½ÂÀÌ ¹ß»ý ¡Ø Kerberos : °³¹æµÈ ÄÄÇ»ÅÍ ³×Æ®¿öÅ© ³»¿¡¼­ ¼­ºñ½º ¿ä±¸¸¦ ÀÎÁõÇϱâ À§ÇÑ ¹æ¹ý o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¼­ºñ½º¸¦ »ç¿ëÀÚ°¡ »ç¿ëÇϵµ·Ï À¯µµÇÏ¿© ±ÇÇÑ»ó½Â ¹ß»ý°¡´É o °ü·ÃÃë¾àÁ¡ : - Kerberos Unkeyed Checksum Vulnerability - CVE-2011-0043 - Kerberos Spoofing Vulnerability - CVE-2011-0091 o ¿µÇâ : ±ÇÇÑ»ó½Â o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems - Windows 7 for 32-bit Systems - Windows 7 for x64-based Systems - Windows Server 2008 R2 for x64-based Systems - Windows Server 2008 R2 for Itanium-based Systems o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - Windows Vista SP1, SP2 - Windows Vista x64 Edition SP1, SP2 - Windows Server 2008 for 32-bit Systems, SP2 - Windows Server 2008 for x64-based Systems, SP2 - Windows Server 2008 for Itanium-based Systems, SP2 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-013.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-013.mspx [MS11-014] Local Security Authority Subsystem Service Ãë¾àÁ¡À¸·Î ÀÎÇÑ ·ÎÄñÇÇÑ»ó½Â ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Windows¿¡¼­ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀÌ ½ÇÇàµÇ´Â °úÁ¤ Áß, Local Security Authority Subsystem ServiceÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇØ ·ÎÄñÇÇÑ»ó½ÂÀÌ ¹ß»ý ¡Ø Local Security Authority Subsystem Service : ·ÎÄà º¸¾È, µµ¸ÞÀÎ ÀÎÁõ, ¿¢Æ¼ºê µð·ºÅ丮 ¼­ºñ½º ÇÁ·Î¼¼½º µîÀ» °ü¸®Çϱâ À§ÇÑ ÀÎÅÍÆäÀ̽º¸¦ Á¦°øÇÏ´Â ¼­ºñ½º o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀ» »ç¿ëÀÚ°¡ ½ÇÇàÇϵµ·Ï À¯µµÇÏ¿© ·ÎÄñÇÇÑ»ó½Â ¹ß»ý°¡´É o °ü·ÃÃë¾àÁ¡ : - LSASS Length Validation Vulnerability - CVE-2011-0039 o ¿µÇâ : ·ÎÄñÇÇÑ»ó½Â o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - Windows Vista SP1, SP2 - Windows Vista x64 Edition SP1, SP2 - Windows Server 2008 for 32-bit Systems, SP2 - Windows Server 2008 for x64-based Systems, SP2 - Windows Server 2008 for Itanium-based Systems, SP2 - Windows 7 for 32-bit Systems - Windows 7 for x64-based Systems - Windows Server 2008 R2 for x64-based Systems - Windows Server 2008 R2 for Itanium-based Systems ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-014.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-014.mspx