È£½ºÆà ȣ½ºÆà µµ¸ÞÀÎ ¸¶ÀÌÆäÀÌÁö °í°´¼¾ÅÍ

È£½ºÆà ¼¾ÅÍ Å¸ÀÌƲ
°ßÀû¿äû
È£½ºÆÿ¬Àå µµ¸ÞÀο¬Àå È£½ºÆÿ¬Àå µµ¸ÞÀο¬Àå
ÅëÇÕÀ¥FTPÁ¢¼Ó
  • ³×ÀÓ¼­¹ö
  • 1Â÷
    hns1.nsgodo.com
    IP: 180.210.127.112
  • 2Â÷
    hns2.nsgodo.com
    IP: 211.233.51.3
°í°´¼¾ÅÍ Àå¾Ö½Å°í
¾È³çÇϼ¼¿ä. nhngodo ÀÔ´Ï´Ù. Á¤ºÎ¿¡¼­ 2020³â±îÁö °ø°øºÐ¾ß ¹× ¹Î°£À¥»çÀÌÆ® ¾×Ƽºêx ÆóÁö ¹× °³¼± ±Ç°í¾È³»·Î ÀÎÇØ ¾×ƼºêX·Î ±¸ÇöµÇ¾î Àִ ȣ½ºÆÃ¿ë °íµµ ÅëÇÕ À¥ FTP Á¦°øÀ» 2019³â¿¡ Á¾·á ¿¹Á¤¿¡ ÀÖ½À´Ï´Ù. ÃßÈÄ ´õ ÁÁÀº ¼­ºñ½º·Î Á¦°ø ¿¹Á¤ÀÌ¿À´Ï ¸¹Àº ¾çÇØ ºÎŹ µå¸®¸ç, ÀÌ¿¡ µû¶ó ÇØ´ç °íµµ FTP ´ë½Å ¾Æ·¡ ¸µÅ©¸¦ ÅëÇÏ¿© FTP ÇÁ·Î±×·¥À» ¼³Ä¡ÇÏ¿© »ç¿ëÇϽñ⸦ ±ÇÀåÇص帳´Ï´Ù. ¾×ƼºêX¶õ? Internet Explore »ç¿ëÀÚ°¡ À¥¼­ºñ½º¸¦ ÀÌ¿ëÇϴµ¥ ÇÊ¿äÇÑ ÀÀ¿ë ÇÁ·Î±×·¥À» ÄÄÇ»ÅÍ¿¡ ÀÚµ¿À¸·Î ¼³Ä¡ÇØÁÖ´Â ±â¼ú·Î ÄÄÇ»ÅÍÀÇ º¸¾ÈÀ» ÀϽÃÀûÀ¸·Î ÇØÁ¦ÇÏ´Â ±â´ÉÀÌ ÀÖ¾î º¸¾È¿¡ Ãë¾àÇÏ¿© Á¤ºÎ¿¡¼­µµ ¾×Ƽºê X¸¦ ÆóÁöÇ϶ó°í ±Ç°íÇÏ°í ÀÖ½À´Ï´Ù.
FTP ÇÁ·Î±×·¥ (¹«·áÇü ÇÁ·Î±×·¥) ´Ù¿î·Îµå ¹Ù·Î°¡±â
  • FileZilla ´Ù¿î·Îµå
  • FileZilla ¸Å´º¾ó ´Ù¿î·Îµå
´Ý±â
Á¦¸ñ [MS º¸¾È¾÷µ¥ÀÌÆ®]2011³â 4¿ù MS Á¤±â º¸¾È¾÷µ¥ÀÌÆ® Á¶È¸¼ö 2,060°Ç
[MS11-018] Internet Explorer 6, 7, 8 Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Ư¼öÇÏ°Ô Á¶ÀÛµÈ À¥ÆäÀÌÁö ÆÄÀÏÀ» ¿­¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ÀÌ Á¸Àç o °ü·ÃÃë¾àÁ¡ : - Layouts Handling Memory Corruption Vulnerability - CVE-2011-0094 - MSHTML Memory Corruption Vulnerability - CVE-2011-0346 - Frame Tag Information Disclosure Vulnerability - CVE-2011-1244 - Javascript Information Disclosure Vulnerability - CVE-2011-1245 - Object Management Memory Corruption Vulnerability - CVE-2011-1345 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : ±ä±Þ ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Internet Explorer 6 on Windows XP SP3 - Internet Explorer 6 on Windows XP Professional x64 Edition SP2 - Internet Explorer 6 on Windows Server 2003 SP2 - Internet Explorer 6 on Windows Server 2003 x64 Edition SP2 - Internet Explorer 6 on Windows Server 2003 with SP2 for Itanium-based Systems - Internet Explorer 7 on Windows XP SP3 - Internet Explorer 7 on Windows XP Professional x64 Edition SP2 - Internet Explorer 7 on Windows Server 2003 SP2 - Internet Explorer 7 on Windows Server 2003 x64 Edition SP2 - Internet Explorer 7 on Windows Server 2003 with SP2 for Itanium-based Systems - Internet Explorer 7 on Windows Vista SP1, SP2 - Internet Explorer 7 on Windows Vista x64 Edition SP1, SP2 - Internet Explorer 7 on Windows Server 2008 for 32-bit Systems SP0, SP2** - Internet Explorer 7 on Windows Server 2008 for x64-based Systems SP0, SP2** - Internet Explorer 7 on Windows Server 2008 for Itanium-based Systems SP0, SP2 - Internet Explorer 8 on Windows XP SP3 - Internet Explorer 8 on Windows XP Professional x64 Edition SP2 - Internet Explorer 8 on Windows Server 2003 SP2 - Internet Explorer 8 on Windows Server 2003 x64 Edition SP2 - Internet Explorer 8 on Windows Vista SP1, SP2 - Internet Explorer 8 on Windows Vista x64 Edition SP1, SP2 - Internet Explorer 8 on Windows Server 2008 for 32-bit Systems SP0, SP2** - Internet Explorer 8 on Windows Server 2008 for x64-based Systems SP0, SP2** - Internet Explorer 8 on Windows 7 for 32-bit Systems - Internet Explorer 8 on Windows 7 for x64-based Systems - Internet Explorer 8 on Windows Server 2008 R2 for x64-based Systems** - Internet Explorer 8 on Windows Server 2008 R2 for Itanium-based Systems ¡Ø **Ç¥½ÃµÈ À©µµ¿ì¸¦ ¼­¹öÄÚ¾î(Server Core)¿É¼ÇÀ¸·Î ¼³Ä¡ÇÑ °æ¿ì, ÇØ´ç Ãë¾àÁ¡¿¡ ¿µÇâÀ» ¹ÞÁö ¾ÊÀ½ o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - Internet Explorer 9 on Windows Vista 32-bit SP2 - Internet Explorer 9 on Windows Vista 64-bit SP2 - Internet Explorer 9 on Windows Server 2008 for 32-bit SP2 - Internet Explorer 9 on Windows Server 2008 for 64-bit SP2 - Internet Explorer 9 on Windows 7 for 32-bit SP0, SP1 - Internet Explorer 9 on Windows 7 for 64-bit SP0, SP1 - Internet Explorer 9 on Windows Server 2008 R2 for 64-bit SP0, SP1 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-018.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-018.mspx [MS11-019] SMB Ŭ¶óÀ̾ðÆ® Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Ư¼öÇÏ°Ô Á¶ÀÛµÈ SMBÀÀ´äÀ» Ŭ¶óÀ̾ðÆ®·Î º¸³¾ °æ¿ì ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý ¡Ø SMB(Server Message Block) : À©µµ¿ì ȯ°æ¿¡ »ç¿ëµÇ´Â ÆÄÀÏ/Àμâ±â °øÀ¯ ÇÁ·ÎÅäÄÝ o °ü·ÃÃë¾àÁ¡ : - Browser Pool Corruption Vulnerability - CVE-2011-0654 - SMB Client Response Parsing Vulnerability - CVE-2011-0660 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : ±ä±Þ ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems - Windows Vista SP1, SP2 - Windows Vista x64 Edition SP1, SP2 - Windows Server 2008 for 32-bit Systems SP0, SP2 - Windows Server 2008 for x64-based Systems SP0, SP2 - Windows Server 2008 for Itanium-based Systems SP0, SP2 - Windows 7 for 32-bit SP0, SP1 - Windows 7 for x64-based Systems SP0, SP1 - Windows Server 2008 R2 for x64-based Systems SP0, SP1 - Windows Server 2008 R2 for Itanium-based Systems SP0, SP1 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-019.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-019.mspx [MS11-020] SMB ¼­¹ö Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Ư¼öÇÏ°Ô Á¶ÀÛµÈ SMBÆÐŶÀ» ¼­¹ö·Î º¸³¾ °æ¿ì ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý ¡Ø SMB(Server Message Block) : À©µµ¿ì ȯ°æ¿¡ »ç¿ëµÇ´Â ÆÄÀÏ/Àμâ±â °øÀ¯ ÇÁ·ÎÅäÄÝ o °ü·ÃÃë¾àÁ¡ : - SMB Transaction Parsing Vulnerability - CVE-2011-0661 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : ±ä±Þ ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems - Windows Vista SP1, SP2 - Windows Vista x64 Edition SP1, SP2 - Windows Server 2008 for 32-bit Systems SP0, SP2 - Windows Server 2008 for x64-based Systems SP0, SP2 - Windows Server 2008 for Itanium-based Systems SP0, SP2 - Windows 7 for 32-bit SP0, SP1 - Windows 7 for x64-based Systems SP0, SP1 - Windows Server 2008 R2 for x64-based Systems SP0, SP1 - Windows Server 2008 R2 for Itanium-based Systems SP0, SP1 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-020.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-020.mspx [MS11-021] Microsoft Excel Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ »ç¿ëÀÚ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Ư¼öÇÏ°Ô Á¶ÀÛµÈ Excel ÆÄÀÏÀ» ¿­¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ÀÌ Á¸Àç o °ü·ÃÃë¾àÁ¡ : - Severity Ratings and Vulnerability Identifiers - Excel Integer Overrun Vulnerability - CVE-2011-0097 - Excel Heap Overflow Vulnerability - CVE-2011-0098 - Excel Record Parsing WriteAV Vulnerability - CVE-2011-0101 - Excel Memory Corruption Vulnerability - CVE-2011-0103 - Excel Buffer Overwrite Vulnerability - CVE-2011-0104 - Excel Data Initialization Vulnerability - CVE-2011-0105 - Excel Array Indexing Vulnerability - CVE-2011-0978 - Excel Linked List Corruption Vulnerability - CVE-2011-0979 - Excel Dangling Pointer Vulnerability - CVE-2011-0980 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Microsoft Office XP SP3 - Microsoft Office 2003 SP3 - Microsoft Office 2007 SP2 - Microsoft Office 2010 for 32-bit editions, 64-bit editions - Microsoft Office 2004 for Mac - Microsoft Office 2008 for Mac - Microsoft Office 2011 for Mac - Open XML File Format Converter for Mac - Microsoft Excel Viewer SP2 - Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - Microsoft Works 9 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-021.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-021.mspx [MS11-022] Microsoft PowerPoint Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ »ç¿ëÀÚ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Ư¼öÇÏ°Ô Á¶ÀÛµÈ PowerPoint ÆÄÀÏÀ» ¿­¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ÀÌ Á¸Àç o °ü·ÃÃë¾àÁ¡ : - Severity Ratings and Vulnerability Identifiers - Floating Point Techno-color Time Bandit RCE Vulnerability - CVE-2011-0655 - Persist Directory RCE Vulnerability - CVE-2011-0656 - OfficeArt Atom RCE Vulnerability - CVE-2011-0976 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Microsoft Office XP SP3 - Microsoft Office 2003 SP3 - Microsoft Office 2007 SP2 - Microsoft Office 2010 for 32-bit editions, 64-bit editions - Microsoft Office 2004 for Mac - Microsoft Office 2008 for Mac - Microsoft Office 2011 for Mac - Open XML File Format Converter for Mac - Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2 - Microsoft PowerPoint Viewer 2007 SP2 - Microsoft PowerPoint Viewer o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - Microsoft Works 9 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-022.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-022.mspx [MS11-023] Microsoft Office Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ »ç¿ëÀÚ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Ư¼öÇÏ°Ô Á¶ÀÛµÈ Office ÆÄÀÏÀ» ¿­¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ÀÌ Á¸Àç o °ü·ÃÃë¾àÁ¡ : - Severity Ratings and Vulnerability Identifiers - Office Component Insecure Library Loading Vulnerability - CVE-2011-0107 - Microsoft Office Graphic Object Dereferencing Vulnerability - CVE-2011-0977 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Microsoft Office XP SP3 - Microsoft Office 2003 SP3 - Microsoft Office 2007 SP2 - Microsoft Office 2004 for Mac - Microsoft Office 2008 for Mac - Open XML File Format Converter for Mac o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - Microsoft Office 2010 for 32-bit editions, 64-bit editions - Microsoft Office XP SP3 - Microsoft Office for Mac 2011 - Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 - Microsoft Word Viewer - Microsoft Excel Viewer SP2 - Microsoft PowerPoint Viewer SP2 - Microsoft Visio 2007 Viewer SP2 - Microsoft Visio 2010 Viewer - Microsoft Works 9 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-023.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-023.mspx [MS11-024] Microsoft Fax Cover Page Editor Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ »ç¿ëÀÚ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Ư¼öÇÏ°Ô Á¶ÀÛµÈ Æѽº Ç¥ÁöÆäÀÌÁö ÆÄÀÏ(.cov)À» ¿­¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ÀÌ Á¸Àç o °ü·ÃÃë¾àÁ¡ : - Severity Ratings and Vulnerability Identifiers - Fax Cover Page Editor Memory Corruption Vulnerability - CVE-2010-3974 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems - Windows Vista SP1 and Windows Vista SP2 - Windows Vista x64 Edition SP1 and Windows Vista x64 Edition SP2 - Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems SP2 - Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems SP2 - Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems SP2 - Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems SP1 - Windows 7 for x64-based Systems and Windows 7 for x64-based Systems SP1 - Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems SP1 - Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems SP1 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-024.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-024.mspx [MS11-025] Microsoft Foundation Class Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ »ç¿ëÀÚ ±ÇÇÑ È¹µæ ¡à ¼³¸í o MFC¸¦ »ç¿ëÇϴ ƯÁ¤ ÀÀ¿ë ÇÁ·Î±×·¥ ¶Ç´Â Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÆÄÀÏÀ» ¿­¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ÀÌ Á¸Àç ¡Ø Microsoft Foundation Class (MFC) : MS À©µµ¿ì ÇÁ·Î±×·¡¹ÖÀ» À§ÇÑ ÀÀ¿ëÇÁ·Î±×·¥ ÇÁ·¹ÀÓ¿öÅ© ¶óÀ̺귯¸® o °ü·ÃÃë¾àÁ¡ : - Severity Ratings and Vulnerability Identifiers - MFC Insecure Library Loading Vulnerability - CVE-2010-3190 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Microsoft Visual Studio .NET 2003 SP1 - Microsoft Visual Studio 2005 SP1 - Microsoft Visual Studio 2008 SP1 - Microsoft Visual Studio 2010 - Microsoft Visual C++ 2005 SP1 Redistributable Package - Microsoft Visual C++ 2008 SP1 Redistributable Package - Microsoft Visual C++ 2010 Redistributable Package ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-025.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-025.mspx [MS11-026] MHTML Ãë¾àÁ¡À¸·Î ÀÎÇÑ Á¤º¸À¯Ãâ ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛÀ¸·ÎºÎÅÍ Á¤º¸¸¦ À¯ÃâÇÒ ¼ö ÀÖÀ½ ¡à ¼³¸í o À¥»çÀÌÆ®¿¡ »ðÀÔµÈ Á¶ÀÛµÈ ¸µÅ©¸¦ Ŭ¸¯ÇÒ °æ¿ì MHTML ÀÀ´äó¸® ¹æ½ÄÀÇ ¹®Á¦·Î ÀÎÇØ Á¤º¸À¯Ãâ Ãë¾àÁ¡ ¹ß»ý ¡Ø MHTML : MHTML À¥ÆäÀÌÁö°¡ ÂüÁ¶ÇÏ´Â º°µµÀÇ ÆÄÀÏ(±×¸², À½¼º µî)À» ÀÎÄÚµùÇÏ¿© ÇØ´ç À¥ÆäÀÌÁö ÆÄÀÏ¿¡ Æ÷ÇÔ½ÃŲ ±â¼ú o °ü·ÃÃë¾àÁ¡ : - Severity Ratings and Vulnerability Identifiers - MFC Insecure Library Loading Vulnerability - CVE-2010-3190 o ¿µÇâ : Á¤º¸À¯Ãâ o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Microsoft Visual Studio .NET 2003 Service Pack 1 - Microsoft Visual Studio 2005 Service Pack 1 - Microsoft Visual Studio 2008 Service Pack 1 - Microsoft Visual Studio 2010 - Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package - Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package - Microsoft Visual C++ 2010 Redistributable Package ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-026.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-026.mspx [MS11-027] ActiveX Kill Bits º¸¾È ¾÷µ¥ÀÌÆ® ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Ư¼öÇÏ°Ô Á¶ÀÛµÈ À¥ÆäÀÌÁö¸¦ ¿­¾úÀ» °æ¿ì ƯÁ¤ ActiveX¸¦ »ç¿ëÇÏ¿© ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇà µÉ ¼ö ÀÖÀ½ o ÇØ´ç ¾÷µ¥ÀÌÆ®´Â 3°¡Áö ActiveX¿¡ ´ëÇÑ Kill BitsÀ» Àû¿ëÇÔ ¡Ø ActiveX Kill Bits : ÀÎÅÍ³Ý ÀͽºÇ÷η¯¿¡¼­ ƯÁ¤ ActiveXÄÁÆ®·Ñ ½ÇÇàÀ» ÁßÁö½ÃÅ°´Â ±â´É o °ü·ÃÃë¾àÁ¡ : - Microsoft Internet Explorer 8 Developer Tools Vulnerability - CVE-2010-0811 - Microsoft WMITools ActiveX Control Vulnerability - CVE-2010-3973 - Microsoft Windows Messenger ActiveX Control Vulnerability - CVE-2011-1243 o ¿µÇâ : ¿ø°ÝÄÚµå ½ÇÇà o Áß¿äµµ : ±ä±Þ ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems - Windows Vista SP1, SP2 - Windows Vista x64 Edition SP1, SP2 - Windows Server 2008 for 32-bit Systems SP0, SP2 - Windows Server 2008 for x64-based Systems SP0, SP2 - Windows Server 2008 for Itanium-based Systems SP0, SP2 - Windows 7 for 32-bit SP0, SP1 - Windows 7 for x64-based Systems SP0, SP1 - Windows Server 2008 R2 for x64-based Systems SP0, SP1 - Windows Server 2008 R2 for Itanium-based Systems SP0, SP1 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-027.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-027.mspx [MS11-028] .NET Framework Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o XBAPsÀ¸·Î Ư¼öÇÏ°Ô Á¶ÀÛµÈ À¥ÆäÀÌÁö¸¦ ¿­¾úÀ» °æ¿ì ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý ¡Ø .NET Framework : À©µµ¿ì ÇÁ·Î±×·¥ °³¹ß ¹× ½ÇÇà ȯ°æ ¡Ø XBAPs(XAML Browser Applications) : À¥ ºê¶ó¿ìÀú¿¡¼­ ½ÇÇàµÇ´Â WPF(Windows Presentation Foundation) ÀÀ¿ë ÇÁ·Î±×·¥ o °ü·ÃÃë¾àÁ¡ : - SMB Transaction Parsing Vulnerability - CVE-2011-0661 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : ±ä±Þ ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - .NET Framework 2.0 SP2, .NET Framework 3.5 SP1 ¡¤ Windows XP SP3 ¡¤ Windows XP Professional x64 Edition SP2 ¡¤ Windows Server 2003 SP2 ¡¤ Windows Server 2003 x64 Edition SP2 ¡¤ Windows Server 2003 with SP2 for Itanium-based Systems ¡¤ Windows Vista SP1, SP2 ¡¤ Windows Vista x64 Edition SP1, SP2 ¡¤ Windows Server 2008 for 32-bit Systems SP0, SP1** ¡¤ Windows Server 2008 for x64-based Systems SP0, SP2** ¡¤ Windows Server 2008 for Itanium-based Systems SP2 - .NET Framework 3.5.1 ¡¤ Windows 7 for 32-bit Systems SP0, SP1 ¡¤ Windows 7 for x64-based Systems SP0, SP1 ¡¤ Windows Server 2008 R2 for x64-based Systems SP0, SP1 ¡¤ Windows Server 2008 R2 for Itanium-based Systems SP0, SP1 - .NET Framework 4.0 ¡¤ Windows XP SP3 ¡¤ Windows XP Professional x64 Edition SP2 ¡¤ Windows Server 2003 SP2 ¡¤ Windows Server 2003 x64 Edition SP2 ¡¤ Windows Server 2003 with SP2 for Itanium-based Systems ¡¤ Windows Vista SP1, SP2 ¡¤ Windows Vista x64 Edition SP1, SP2 ¡¤ Windows Server 2008 for 32-bit Systems SP0, SP1** ¡¤ Windows Server 2008 for x64-based Systems SP0, SP2** ¡¤ Windows Server 2008 for Itanium-based Systems SP2 ¡¤ Windows 7 for 32-bit Systems SP0, SP1 ¡¤ Windows 7 for x64-based Systems SP0, SP1 ¡¤ Windows Server 2008 R2 for x64-based Systems SP0, SP1 ¡¤ Windows Server 2008 R2 for Itanium-based Systems SP0, SP1 ¡Ø **Ç¥½ÃµÈ À©µµ¿ì¸¦ ¼­¹öÄÚ¾î(Server Core)¿É¼ÇÀ¸·Î ¼³Ä¡ÇÑ °æ¿ì, ÇØ´ç Ãë¾àÁ¡¿¡ ¿µÇâÀ» ¹ÞÁö ¾ÊÀ½ ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-028.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-028.mspx [MS11-029] GDI+ Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Ư¼öÇÏ°Ô Á¶ÀÛµÈ À̹ÌÁöÆÄÀÏÀ» ¿­¾îº¼ °æ¿ì ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý o °ü·ÃÃë¾àÁ¡ : - GDI+ Integer Overflow Vulnerability - CVE-2011-0041 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : ±ä±Þ ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems - Windows Vista SP1, SP2 - Windows Vista x64 Edition SP1, SP2 - Windows Server 2008 for 32-bit Systems SP0, SP2** - Windows Server 2008 for x64-based Systems SP0, SP2** - Windows Server 2008 for Itanium-based Systems SP0, SP2 - Microsoft Office XP SP3 o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - Windows 7 for 32-bit Systems SP0, SP1 - Windows 7 for x64-based Systems SP0, SP1 - Windows Server 2008 R2 for x64-based Systems SP0, SP1 - Windows Server 2008 R2 for Itanium-based Systems SP0, SP1 - Microsoft Office 2003 SP3 - Microsoft Office 2007 SP2 - Microsoft Office 2010 32-bit, 64-bit editions ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-029.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-029.mspx [MS11-030] DNS Resolution Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Ư¼öÇÏ°Ô Á¶ÀÛµÈ LLMNR ºê·Îµåij½ºÆ® Äõ¸®¸¦ º¸³¾ °æ¿ì ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý ¡Ø LLMNR(Link-local Multicast Name Resolution) : ·ÎÄó×Æ®¿öÅ© ³» Á¸ÀçÇϴ ȣ½ºÆ® À̸§ È®Àο¡ ¾²ÀÌ´Â DNSÆÐŶ Çü½Ä ±â¹Ý ÇÁ·ÎÅäÄÝ o °ü·ÃÃë¾àÁ¡ : - DNS Query Vulnerability - CVE-2011-0657 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : ±ä±Þ ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems - Windows Vista SP1, SP2 - Windows Vista x64 Edition SP1, SP2 - Windows Server 2008 for 32-bit Systems SP0, SP2 - Windows Server 2008 for x64-based Systems SP0, SP2 - Windows Server 2008 for Itanium-based Systems SP0, SP2 - Windows 7 for 32-bit SP0, SP1 - Windows 7 for x64-based Systems SP0, SP1 - Windows Server 2008 R2 for x64-based Systems SP0, SP1 - Windows Server 2008 R2 for Itanium-based Systems SP0, SP1 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-030.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-030.mspx [MS11-031] JScript, VBScript ¿£Áø Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Ư¼öÇÏ°Ô Á¶ÀÛµÈ À¥ÆäÀÌÁö¸¦ ¹æ¹®ÇÒ °æ¿ì ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý ¡Ø JScript : ÀÎÅÍ³Ý ÀͽºÇ÷η¯¿¡ »ç¿ëÇÏ´Â ½ºÅ©¸³Æà ¾ð¾î ¡Ø VBScript : ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®°¡ °³¹ßÇÑ ¾×Ƽºê ½ºÅ©¸³Æ® ¾ð¾î o °ü·ÃÃë¾àÁ¡ : - Scripting Memory Reallocation Vulnerability - CVE-2011-0663 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : ±ä±Þ ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - JScript 5.6, VBScript 5.6 ¡¤ Windows XP Professional x64 Edition SP2 ¡¤ Windows Server 2003 SP2 ¡¤ Windows Server 2003 x64 Edition SP2 ¡¤ Windows Server 2003 with SP2 for Itanium-based Systems - JScript 5.7, VBScript 5.7 ¡¤ Windows XP SP3 ¡¤ Windows XP Professional x64 Edition SP2 ¡¤ Windows Server 2003 SP2 ¡¤ Windows Server 2003 x64 Edition SP2 ¡¤ Windows Server 2003 with SP2 for Itanium-based Systems ¡¤ Windows Vista SP1, SP2 ¡¤ Windows Vista x64 Edition SP1, SP2 ¡¤ Windows Server 2008 for 32-bit Systems SP0, SP2** ¡¤ Windows Server 2008 for x64-based Systems SP0, SP2** ¡¤ Windows Server 2008 for Itanium-based Systems SP2 - JScript 5.8, VBScript 5.8 ¡¤ Windows XP SP3 ¡¤ Windows XP Professional x64 Edition SP2 ¡¤ Windows Server 2003 SP2 ¡¤ Windows Server 2003 x64 Edition SP2 ¡¤ Windows Vista SP1, SP2 ¡¤ Windows Vista x64 Edition SP1, SP2 ¡¤ Windows Server 2008 for 32-bit Systems SP0, SP2** ¡¤ Windows Server 2008 for x64-based Systems SP0, SP2** ¡¤ Windows 7 for 32-bit Systems SP0, SP1 ¡¤ Windows 7 for x64-based Systems SP0, SP1 ¡¤ Windows Server 2008 R2 for x64-based Systems SP0, SP1** ¡¤ Windows Server 2008 R2 for Itanium-based Systems SP0, SP1 ¡Ø **Ç¥½ÃµÈ À©µµ¿ì¸¦ ¼­¹öÄÚ¾î(Server Core)¿É¼ÇÀ¸·Î ¼³Ä¡ÇÑ °æ¿ì, ÇØ´ç Ãë¾àÁ¡¿¡ ¿µÇâÀ» ¹ÞÁö ¾ÊÀ½ o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - JScript 5.8 and VBScript 5.8 installed with Internet Explorer 9 ¡¤ Windows Vista SP2 ¡¤ Windows Vista x64 Edition SP2 ¡¤ Windows Server 2008 for 32-bit Systems SP2 ¡¤ Windows Server 2008 for x64-based Systems SP2 ¡¤ Windows 7 for 32-bit Systems SP0, SP1 ¡¤ Windows 7 for x64-based Systems SP0, SP2 ¡¤ Windows Server 2008 R2 for x64-based Systems SP0, SP1 ¡¤ Windows Server 2008 R2 for Itanium-based Systems SP0, SP1 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-031.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-031.mspx [MS11-032] OpenType Compact Font Format (CFF) µå¶óÀ̹ö Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o Ư¼öÇÏ°Ô Á¶ÀÛµÈ CFF ÆùÆ®¸¦ ·£´õ¸µ ÇÒ °æ¿ì ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý ¡Ø OpenType Compact Font Format (CFF) : À©µµ¿ì¿Í ¸ÅŲÅä½Ã ¿î¿µÃ¼Á¦¿¡¼­ »ç¿ëµÇ´Â È®Àå ±Û²Ã ÆÄÀÏ Çü½Ä o °ü·ÃÃë¾àÁ¡ : -OpenType Font Stack Overflow Vulnerability - CVE-2011-0034 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : ±ä±Þ ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems - Windows Vista SP1, SP2 - Windows Vista x64 Edition SP1, SP2 - Windows Server 2008 for 32-bit Systems SP0, SP2 - Windows Server 2008 for x64-based Systems SP0, SP2 - Windows Server 2008 for Itanium-based Systems SP0, SP2 - Windows 7 for 32-bit SP0, SP1 - Windows 7 for x64-based Systems SP0, SP1 - Windows Server 2008 R2 for x64-based Systems SP0, SP1 - Windows Server 2008 R2 for Itanium-based Systems SP0, SP1 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-032.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-032.mspx [MS11-033] WordPad Text Converters Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦ ¡à ¿µÇâ o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ »ç¿ëÀÚ ±ÇÇÑ È¹µæ ¡à ¼³¸í o »ç¿ëÀÚ°¡ ¿öµåÆе带 ÅëÇÏ¿© Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÆÄÀÏÀ» ¿­¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ ¹ß»ý o °ü·ÃÃë¾àÁ¡ : - Severity Ratings and Vulnerability Identifiers - WordPad Converter Parsing Vulnerability - CVE-2011-0028 o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î - Windows Vista SP1 and Windows Vista SP2 - Windows Vista x64 Edition SP1 and Windows Vista x64 Edition SP2 - Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems SP2 - Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems SP2 - Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems SP2 - Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems SP1 - Windows 7 for x64-based Systems and Windows 7 for x64-based Systems SP1 - Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems SP1 - Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems SP1 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-033.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-033.mspx [MS11-034] Windows Kernel-Mode Drivers Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ »ó½Â ¹®Á¦ ¡à ¿µÇâ o »ç¿ëÀÚ ±ÇÇÑÀ» °¡Áø °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ ¡à ¼³¸í o À©µµ¿ì Ä¿³Î ¸ðµå µå¶óÀ̹ö°¡ °´Ã¼¸¦ °ü¸®ÇÏ°í À¯ÁöÇÏ´Â °úÁ¤ÀÇ ¿À·ù·Î ÀÎÇÑ ±ÇÇÑ»ó½Â Ãë¾àÁ¡ÀÌ ¹ß»ý o ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ·Î±×¿ÂÇÑ °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÀÀ¿ëÇÁ·Î±×·¥À» ½ÇÇàÇÏ¿© ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É ¡Ø °ø°ÝÀÚ´Â À¯È¿ÇÑ ·Î±×¿Â °èÁ¤À» °¡Áö°í ÀÖ´Â »óÅ¿¡¼­ ·ÎÄÿ¡¼­¸¸ °ø°ÝÀÌ °¡´ÉÇÔ. ¿ø°Ý¿¡¼­ ¶Ç´Â À͸íÀÇ »ç¿ëÀڷδ °ø°ÝÀÌ ºÒ°¡´É ÇÔ o °ü·ÃÃë¾àÁ¡ : - Severity Ratings and Vulnerability Identifiers - Vulnerability Type 1: Win32k Use After Free Vulnerability - Vulnerability Type 2: Win32k Null Pointer De-reference Vulnerability o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà o Áß¿äµµ : Áß¿ä ¡à ÇØ´ç½Ã½ºÅÛ o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î - Windows XP SP3 - Windows XP Professional x64 Edition SP2 - Windows Server 2003 SP2 - Windows Server 2003 x64 Edition SP2 - Windows Server 2003 with SP2 for Itanium-based Systems - Windows Vista SP1 and Windows Vista SP2 - Windows Vista x64 Edition SP1 and Windows Vista x64 Edition SP2 - Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems SP2 - Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems SP2 - Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems SP2 - Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems SP1 - Windows 7 for x64-based Systems and Windows 7 for x64-based Systems SP1 - Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems SP1 - Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2 for Itanium-based Systems SP1 ¡à ÇØ°áÃ¥ o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë ¡à ÂüÁ¶»çÀÌÆ® o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-034.mspx o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-034.mspx