ºü¸¥ ¸Þ´º
  ¼¼±Ý°è»ê¼­/¿µ¼öÁõ ¹ß±Þ
  ¿ä±Ý ³³ºÎ/¹Ì³³ Á¶È¸
°øÁö ¹× ¾È³»
  °øÁö»çÇ×
  ÀÛ¾÷°øÁö
À̺¥Æ® ¹× ½Å±Ô¼­ºñ½º
  À̺¥Æ®
  ½Å±Ô ¼­ºñ½º
»ó´ã ¹× ¹®ÀÇ
  ÀÚÁÖ ¹¯´Â Áú¹®
  1:1Áú¹®°ú ´äº¯
  ¹®ÀǸÞÀÏ º¸³»±â
  °í°´»ó´ã ÀüÈ­¹øÈ£ ¾È³»
»ç¿ë¹ý ¾È³»
  ¼­ºñ½º »ç¿ë¹ý
°í°´ÀÇ ¼Ò¸®
  ĪÂùÇÕ´Ï´Ù
  Best ĪÂù»ç¿ø
  Á¦¾ÈÇÕ´Ï´Ù
  Á¦¾È ¹Ý¿µ ³»¿ª
BlueCGI ºÒ·®»ç¿ëÀÚ ½Å°í
ºí·çÀ¥ ÄÝ¹é ¼­ºñ½º

Ȩ > °øÁö ¹× ¾È³» > °øÁö»çÇ×
Á¦¸ñ [º¸¾È] 4¿ù MS Á¤±â º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í µî·ÏÀÏ 2011-04-13
³»¿ë

[MS11-018] Internet Explorer 6, 7, 8 Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Ư¼öÇÏ°Ô Á¶ÀÛµÈ À¥ÆäÀÌÁö ÆÄÀÏÀ» ¿­¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ÀÌ Á¸Àç
  o °ü·ÃÃë¾àÁ¡ :
    - Layouts Handling Memory Corruption Vulnerability - CVE-2011-0094
    - MSHTML Memory Corruption Vulnerability - CVE-2011-0346
    - Frame Tag Information Disclosure Vulnerability - CVE-2011-1244
    - Javascript Information Disclosure Vulnerability - CVE-2011-1245
    - Object Management Memory Corruption Vulnerability - CVE-2011-1345
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Internet Explorer 6 on Windows XP SP3
    - Internet Explorer 6 on Windows XP Professional x64 Edition SP2
    - Internet Explorer 6 on Windows Server 2003 SP2
    - Internet Explorer 6 on Windows Server 2003 x64 Edition SP2
    - Internet Explorer 6 on Windows Server 2003 with SP2 for Itanium-based Systems
    - Internet Explorer 7 on Windows XP SP3
    - Internet Explorer 7 on Windows XP Professional x64 Edition SP2
    - Internet Explorer 7 on Windows Server 2003 SP2
    - Internet Explorer 7 on Windows Server 2003 x64 Edition SP2
    - Internet Explorer 7 on Windows Server 2003 with SP2 for Itanium-based Systems
    - Internet Explorer 7 on Windows Vista SP1, SP2
    - Internet Explorer 7 on Windows Vista x64 Edition SP1, SP2
    - Internet Explorer 7 on Windows Server 2008 for 32-bit Systems SP0, SP2**
    - Internet Explorer 7 on Windows Server 2008 for x64-based Systems SP0, SP2**
    - Internet Explorer 7 on Windows Server 2008 for Itanium-based Systems SP0, SP2
    - Internet Explorer 8 on Windows XP SP3
    - Internet Explorer 8 on Windows XP Professional x64 Edition SP2
    - Internet Explorer 8 on Windows Server 2003 SP2
    - Internet Explorer 8 on Windows Server 2003 x64 Edition SP2
    - Internet Explorer 8 on Windows Vista SP1, SP2
    - Internet Explorer 8 on Windows Vista x64 Edition SP1, SP2
    - Internet Explorer 8 on Windows Server 2008 for 32-bit Systems SP0, SP2**
    - Internet Explorer 8 on Windows Server 2008 for x64-based Systems SP0, SP2**
    - Internet Explorer 8 on Windows 7 for 32-bit Systems
    - Internet Explorer 8 on Windows 7 for x64-based Systems
    - Internet Explorer 8 on Windows Server 2008 R2 for x64-based Systems**
    - Internet Explorer 8 on Windows Server 2008 R2 for Itanium-based Systems
      ¡Ø **Ç¥½ÃµÈ À©µµ¿ì¸¦ ¼­¹öÄÚ¾î(Server Core)¿É¼ÇÀ¸·Î ¼³Ä¡ÇÑ °æ¿ì, ÇØ´ç Ãë¾àÁ¡¿¡ ¿µÇâÀ»
         ¹ÞÁö ¾ÊÀ½
  
  o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - Internet Explorer 9 on Windows Vista 32-bit SP2
    - Internet Explorer 9 on Windows Vista 64-bit SP2
    - Internet Explorer 9 on Windows Server 2008 for 32-bit SP2
    - Internet Explorer 9 on Windows Server 2008 for 64-bit SP2
    - Internet Explorer 9 on Windows 7 for 32-bit SP0, SP1
    - Internet Explorer 9 on Windows 7 for 64-bit SP0, SP1
    - Internet Explorer 9 on Windows Server 2008 R2 for 64-bit SP0, SP1

¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-018.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-018.mspx

 

[MS11-019] SMB Ŭ¶óÀ̾ðÆ® Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Ư¼öÇÏ°Ô Á¶ÀÛµÈ SMBÀÀ´äÀ» Ŭ¶óÀ̾ðÆ®·Î º¸³¾ °æ¿ì ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý
    ¡Ø SMB(Server Message Block) : À©µµ¿ì ȯ°æ¿¡ »ç¿ëµÇ´Â ÆÄÀÏ/Àμâ±â °øÀ¯ ÇÁ·ÎÅäÄÝ
  o °ü·ÃÃë¾àÁ¡ :
    - Browser Pool Corruption Vulnerability - CVE-2011-0654
    - SMB Client Response Parsing Vulnerability - CVE-2011-0660
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista SP1, SP2
    - Windows Vista x64 Edition SP1, SP2
    - Windows Server 2008 for 32-bit Systems SP0, SP2
    - Windows Server 2008 for x64-based Systems SP0, SP2
    - Windows Server 2008 for Itanium-based Systems SP0, SP2
    - Windows 7 for 32-bit SP0, SP1
    - Windows 7 for x64-based Systems SP0, SP1
    - Windows Server 2008 R2 for x64-based Systems SP0, SP1
    - Windows Server 2008 R2 for Itanium-based Systems SP0, SP1
 
¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-019.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-019.mspx

 

[MS11-020] SMB ¼­¹ö Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Ư¼öÇÏ°Ô Á¶ÀÛµÈ SMBÆÐŶÀ» ¼­¹ö·Î º¸³¾ °æ¿ì ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý
    ¡Ø SMB(Server Message Block) : À©µµ¿ì ȯ°æ¿¡ »ç¿ëµÇ´Â ÆÄÀÏ/Àμâ±â °øÀ¯ ÇÁ·ÎÅäÄÝ
  o °ü·ÃÃë¾àÁ¡ :
    - SMB Transaction Parsing Vulnerability - CVE-2011-0661
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista SP1, SP2
    - Windows Vista x64 Edition SP1, SP2
    - Windows Server 2008 for 32-bit Systems SP0, SP2
    - Windows Server 2008 for x64-based Systems SP0, SP2
    - Windows Server 2008 for Itanium-based Systems SP0, SP2
    - Windows 7 for 32-bit SP0, SP1
    - Windows 7 for x64-based Systems SP0, SP1
    - Windows Server 2008 R2 for x64-based Systems SP0, SP1
    - Windows Server 2008 R2 for Itanium-based Systems SP0, SP1
 
¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-020.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-020.mspx

 


[MS11-021] Microsoft Excel Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ »ç¿ëÀÚ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Ư¼öÇÏ°Ô Á¶ÀÛµÈ Excel ÆÄÀÏÀ» ¿­¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ÀÌ Á¸Àç
  o °ü·ÃÃë¾àÁ¡ :
    - Severity Ratings and Vulnerability Identifiers
    - Excel Integer Overrun Vulnerability - CVE-2011-0097
    - Excel Heap Overflow Vulnerability - CVE-2011-0098
    - Excel Record Parsing WriteAV Vulnerability - CVE-2011-0101
    - Excel Memory Corruption Vulnerability - CVE-2011-0103
    - Excel Buffer Overwrite Vulnerability - CVE-2011-0104
    - Excel Data Initialization Vulnerability - CVE-2011-0105
    - Excel Array Indexing Vulnerability - CVE-2011-0978
    - Excel Linked List Corruption Vulnerability - CVE-2011-0979
    - Excel Dangling Pointer Vulnerability - CVE-2011-0980
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Microsoft Office XP SP3
    - Microsoft Office 2003 SP3
    - Microsoft Office 2007 SP2
    - Microsoft Office 2010 for 32-bit editions, 64-bit editions
    - Microsoft Office 2004 for Mac
    - Microsoft Office 2008 for Mac
    - Microsoft Office 2011 for Mac
    - Open XML File Format Converter for Mac
    - Microsoft Excel Viewer SP2
    - Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP

  o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - Microsoft Works 9

¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-021.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-021.mspx

 

[MS11-022] Microsoft PowerPoint Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ »ç¿ëÀÚ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Ư¼öÇÏ°Ô Á¶ÀÛµÈ PowerPoint ÆÄÀÏÀ» ¿­¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ÀÌ Á¸Àç
  o °ü·ÃÃë¾àÁ¡ :
    - Severity Ratings and Vulnerability Identifiers
    - Floating Point Techno-color Time Bandit RCE Vulnerability - CVE-2011-0655
    - Persist Directory RCE Vulnerability - CVE-2011-0656
    - OfficeArt Atom RCE Vulnerability - CVE-2011-0976
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Microsoft Office XP SP3
    - Microsoft Office 2003 SP3
    - Microsoft Office 2007 SP2
    - Microsoft Office 2010 for 32-bit editions, 64-bit editions
    - Microsoft Office 2004 for Mac
    - Microsoft Office 2008 for Mac
    - Microsoft Office 2011 for Mac
    - Open XML File Format Converter for Mac
    - Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
      Service Pack 2
    - Microsoft PowerPoint Viewer 2007 SP2
    - Microsoft PowerPoint Viewer

  o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - Microsoft Works 9

¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-022.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-022.mspx

 

[MS11-023] Microsoft Office Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ »ç¿ëÀÚ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Ư¼öÇÏ°Ô Á¶ÀÛµÈ Office ÆÄÀÏÀ» ¿­¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ÀÌ Á¸Àç
  o °ü·ÃÃë¾àÁ¡ :
    - Severity Ratings and Vulnerability Identifiers
    - Office Component Insecure Library Loading Vulnerability - CVE-2011-0107
    - Microsoft Office Graphic Object Dereferencing Vulnerability - CVE-2011-0977
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Microsoft Office XP SP3
    - Microsoft Office 2003 SP3
    - Microsoft Office 2007 SP2
    - Microsoft Office 2004 for Mac
    - Microsoft Office 2008 for Mac
    - Open XML File Format Converter for Mac

  o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - Microsoft Office 2010 for 32-bit editions, 64-bit editions
    - Microsoft Office XP SP3
    - Microsoft Office for Mac 2011
    - Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2
    - Microsoft Word Viewer
    - Microsoft Excel Viewer SP2
    - Microsoft PowerPoint Viewer SP2
    - Microsoft Visio 2007 Viewer SP2
    - Microsoft Visio 2010 Viewer
    - Microsoft Works 9

¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-023.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-023.mspx

 

[MS11-024] Microsoft Fax Cover Page Editor Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ »ç¿ëÀÚ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Ư¼öÇÏ°Ô Á¶ÀÛµÈ Æѽº Ç¥ÁöÆäÀÌÁö ÆÄÀÏ(.cov)À» ¿­¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ÀÌ Á¸Àç
  o °ü·ÃÃë¾àÁ¡ :
    - Severity Ratings and Vulnerability Identifiers
    - Fax Cover Page Editor Memory Corruption Vulnerability - CVE-2010-3974
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista SP1 and Windows Vista SP2
    - Windows Vista x64 Edition SP1 and Windows Vista x64 Edition SP2
    - Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems SP2
    - Windows Server 2008 for x64-based Systems and Windows Server 2008
      for x64-based Systems SP2
    - Windows Server 2008 for Itanium-based Systems and Windows Server 2008
      for Itanium-based Systems SP2
    - Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems SP1
    - Windows 7 for x64-based Systems and Windows 7 for x64-based Systems SP1
    - Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2
      for x64-based Systems SP1
    - Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2
      for Itanium-based Systems SP1

¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-024.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-024.mspx

 

[MS11-025] Microsoft Foundation Class Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ »ç¿ëÀÚ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o MFC¸¦ »ç¿ëÇϴ ƯÁ¤ ÀÀ¿ë ÇÁ·Î±×·¥ ¶Ç´Â Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÆÄÀÏÀ» ¿­¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà
    Ãë¾àÁ¡ÀÌ Á¸Àç
    ¡Ø Microsoft Foundation Class (MFC) : MS À©µµ¿ì ÇÁ·Î±×·¡¹ÖÀ» À§ÇÑ ÀÀ¿ëÇÁ·Î±×·¥
       ÇÁ·¹ÀÓ¿öÅ© ¶óÀ̺귯¸®
  o °ü·ÃÃë¾àÁ¡ :
    - Severity Ratings and Vulnerability Identifiers
    - MFC Insecure Library Loading Vulnerability - CVE-2010-3190
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Microsoft Visual Studio .NET 2003 SP1
    - Microsoft Visual Studio 2005 SP1
    - Microsoft Visual Studio 2008 SP1
    - Microsoft Visual Studio 2010
    - Microsoft Visual C++ 2005 SP1 Redistributable Package
    - Microsoft Visual C++ 2008 SP1 Redistributable Package
    - Microsoft Visual C++ 2010 Redistributable Package

¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-025.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-025.mspx

 

[MS11-026] MHTML Ãë¾àÁ¡À¸·Î ÀÎÇÑ Á¤º¸À¯Ãâ ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛÀ¸·ÎºÎÅÍ Á¤º¸¸¦ À¯ÃâÇÒ ¼ö ÀÖÀ½

¡à ¼³¸í
  o À¥»çÀÌÆ®¿¡ »ðÀÔµÈ Á¶ÀÛµÈ ¸µÅ©¸¦ Ŭ¸¯ÇÒ °æ¿ì MHTML ÀÀ´äó¸® ¹æ½ÄÀÇ ¹®Á¦·Î ÀÎÇØ Á¤º¸À¯Ãâ
    Ãë¾àÁ¡ ¹ß»ý
    ¡Ø MHTML : MHTML À¥ÆäÀÌÁö°¡ ÂüÁ¶ÇÏ´Â º°µµÀÇ ÆÄÀÏ(±×¸², À½¼º µî)À» ÀÎÄÚµùÇÏ¿© ÇØ´ç
       À¥ÆäÀÌÁö ÆÄÀÏ¿¡ Æ÷ÇÔ½ÃŲ ±â¼ú
  o °ü·ÃÃë¾àÁ¡ :
    - Severity Ratings and Vulnerability Identifiers
    - MFC Insecure Library Loading Vulnerability - CVE-2010-3190
  o ¿µÇâ : Á¤º¸À¯Ãâ
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Microsoft Visual Studio .NET 2003 Service Pack 1
    - Microsoft Visual Studio 2005 Service Pack 1
    - Microsoft Visual Studio 2008 Service Pack 1
    - Microsoft Visual Studio 2010
    - Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package
    - Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package
    - Microsoft Visual C++ 2010 Redistributable Package

¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-026.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-026.mspx

 

[MS11-027] ActiveX Kill Bits º¸¾È ¾÷µ¥ÀÌÆ®

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Ư¼öÇÏ°Ô Á¶ÀÛµÈ À¥ÆäÀÌÁö¸¦ ¿­¾úÀ» °æ¿ì ƯÁ¤ ActiveX¸¦ »ç¿ëÇÏ¿© ¿ø°Ý¿¡¼­ Äڵ尡
    ½ÇÇà µÉ ¼ö ÀÖÀ½
  o ÇØ´ç ¾÷µ¥ÀÌÆ®´Â 3°¡Áö ActiveX¿¡ ´ëÇÑ Kill BitsÀ» Àû¿ëÇÔ
    ¡Ø ActiveX Kill Bits : ÀÎÅÍ³Ý ÀͽºÇ÷η¯¿¡¼­ ƯÁ¤ ActiveXÄÁÆ®·Ñ ½ÇÇàÀ» ÁßÁö½ÃÅ°´Â ±â´É
  o °ü·ÃÃë¾àÁ¡ :
    - Microsoft Internet Explorer 8 Developer Tools Vulnerability - CVE-2010-0811
    - Microsoft WMITools ActiveX Control Vulnerability - CVE-2010-3973
    - Microsoft Windows Messenger ActiveX Control Vulnerability - CVE-2011-1243
  o ¿µÇâ : ¿ø°ÝÄÚµå ½ÇÇà
  o Áß¿äµµ : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista SP1, SP2
    - Windows Vista x64 Edition SP1, SP2
    - Windows Server 2008 for 32-bit Systems SP0, SP2
    - Windows Server 2008 for x64-based Systems SP0, SP2
    - Windows Server 2008 for Itanium-based Systems SP0, SP2
    - Windows 7 for 32-bit SP0, SP1
    - Windows 7 for x64-based Systems SP0, SP1
    - Windows Server 2008 R2 for x64-based Systems SP0, SP1
    - Windows Server 2008 R2 for Itanium-based Systems SP0, SP1

¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-027.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-027.mspx

 

[MS11-028] .NET Framework Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o XBAPsÀ¸·Î Ư¼öÇÏ°Ô Á¶ÀÛµÈ À¥ÆäÀÌÁö¸¦ ¿­¾úÀ» °æ¿ì ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý
    ¡Ø .NET Framework : À©µµ¿ì ÇÁ·Î±×·¥ °³¹ß ¹× ½ÇÇà ȯ°æ
    ¡Ø XBAPs(XAML Browser Applications) : À¥ ºê¶ó¿ìÀú¿¡¼­ ½ÇÇàµÇ´Â WPF(Windows Presentation Foundation) ÀÀ¿ë ÇÁ·Î±×·¥
  o °ü·ÃÃë¾àÁ¡ :
    - SMB Transaction Parsing Vulnerability - CVE-2011-0661
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - .NET Framework 2.0 SP2, .NET Framework 3.5 SP1
       ¡¤  Windows XP SP3
       ¡¤  Windows XP Professional x64 Edition SP2
       ¡¤  Windows Server 2003 SP2
       ¡¤  Windows Server 2003 x64 Edition SP2
       ¡¤  Windows Server 2003 with SP2 for Itanium-based Systems
       ¡¤  Windows Vista SP1, SP2
       ¡¤  Windows Vista x64 Edition SP1, SP2
       ¡¤  Windows Server 2008 for 32-bit Systems SP0, SP1**
       ¡¤  Windows Server 2008 for x64-based Systems SP0, SP2**
       ¡¤  Windows Server 2008 for Itanium-based Systems SP2
    - .NET Framework 3.5.1
       ¡¤  Windows 7 for 32-bit Systems SP0, SP1
       ¡¤  Windows 7 for x64-based Systems SP0, SP1
       ¡¤  Windows Server 2008 R2 for x64-based Systems SP0, SP1
       ¡¤  Windows Server 2008 R2 for Itanium-based Systems SP0, SP1
    -  .NET Framework 4.0
       ¡¤  Windows XP SP3
       ¡¤  Windows XP Professional x64 Edition SP2
       ¡¤  Windows Server 2003 SP2
       ¡¤  Windows Server 2003 x64 Edition SP2
       ¡¤  Windows Server 2003 with SP2 for Itanium-based Systems
       ¡¤  Windows Vista SP1, SP2
       ¡¤  Windows Vista x64 Edition SP1, SP2
       ¡¤  Windows Server 2008 for 32-bit Systems SP0, SP1**
       ¡¤  Windows Server 2008 for x64-based Systems SP0, SP2**
       ¡¤  Windows Server 2008 for Itanium-based Systems SP2
       ¡¤  Windows 7 for 32-bit Systems SP0, SP1
       ¡¤  Windows 7 for x64-based Systems SP0, SP1
       ¡¤  Windows Server 2008 R2 for x64-based Systems SP0, SP1
       ¡¤  Windows Server 2008 R2 for Itanium-based Systems SP0, SP1
     ¡Ø **Ç¥½ÃµÈ À©µµ¿ì¸¦ ¼­¹öÄÚ¾î(Server Core)¿É¼ÇÀ¸·Î ¼³Ä¡ÇÑ °æ¿ì, ÇØ´ç Ãë¾àÁ¡¿¡ ¿µÇâÀ»
        ¹ÞÁö ¾ÊÀ½

¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-028.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-028.mspx

 

[MS11-029] GDI+ Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Ư¼öÇÏ°Ô Á¶ÀÛµÈ À̹ÌÁöÆÄÀÏÀ» ¿­¾îº¼ °æ¿ì ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý
  o °ü·ÃÃë¾àÁ¡ :
    - GDI+ Integer Overflow Vulnerability - CVE-2011-0041
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista SP1, SP2
    - Windows Vista x64 Edition SP1, SP2
    - Windows Server 2008 for 32-bit Systems SP0, SP2**
    - Windows Server 2008 for x64-based Systems SP0, SP2**
    - Windows Server 2008 for Itanium-based Systems SP0, SP2
    - Microsoft Office XP SP3

   o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows 7 for 32-bit Systems SP0, SP1
    - Windows 7 for x64-based Systems SP0, SP1
    - Windows Server 2008 R2 for x64-based Systems SP0, SP1
    - Windows Server 2008 R2 for Itanium-based Systems SP0, SP1
    - Microsoft Office 2003 SP3
    - Microsoft Office 2007 SP2
    - Microsoft Office 2010 32-bit, 64-bit editions
 
¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-029.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-029.mspx

 

[MS11-030] DNS Resolution Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Ư¼öÇÏ°Ô Á¶ÀÛµÈ LLMNR ºê·Îµåij½ºÆ® Äõ¸®¸¦ º¸³¾ °æ¿ì ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ
    ¹ß»ý
    ¡Ø LLMNR(Link-local Multicast Name Resolution) : ·ÎÄó×Æ®¿öÅ© ³» Á¸ÀçÇϴ ȣ½ºÆ® À̸§
       È®Àο¡ ¾²ÀÌ´Â DNSÆÐŶ Çü½Ä ±â¹Ý ÇÁ·ÎÅäÄÝ
  o °ü·ÃÃë¾àÁ¡ :
    - DNS Query Vulnerability - CVE-2011-0657
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista SP1, SP2
    - Windows Vista x64 Edition SP1, SP2
    - Windows Server 2008 for 32-bit Systems SP0, SP2
    - Windows Server 2008 for x64-based Systems SP0, SP2
    - Windows Server 2008 for Itanium-based Systems SP0, SP2
    - Windows 7 for 32-bit SP0, SP1
    - Windows 7 for x64-based Systems SP0, SP1
    - Windows Server 2008 R2 for x64-based Systems SP0, SP1
    - Windows Server 2008 R2 for Itanium-based Systems SP0, SP1
 
¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-030.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-030.mspx

 

[MS11-031] JScript, VBScript ¿£Áø Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Ư¼öÇÏ°Ô Á¶ÀÛµÈ À¥ÆäÀÌÁö¸¦ ¹æ¹®ÇÒ °æ¿ì ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý
    ¡Ø JScript : ÀÎÅÍ³Ý ÀͽºÇ÷η¯¿¡ »ç¿ëÇÏ´Â ½ºÅ©¸³Æà ¾ð¾î
    ¡Ø VBScript : ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®°¡ °³¹ßÇÑ ¾×Ƽºê ½ºÅ©¸³Æ® ¾ð¾î
  o °ü·ÃÃë¾àÁ¡ :
    - Scripting Memory Reallocation Vulnerability - CVE-2011-0663
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - JScript 5.6, VBScript 5.6
       ¡¤  Windows XP Professional x64 Edition SP2
       ¡¤  Windows Server 2003 SP2
       ¡¤  Windows Server 2003 x64 Edition SP2
       ¡¤  Windows Server 2003 with SP2 for Itanium-based Systems
    - JScript 5.7, VBScript 5.7
       ¡¤  Windows XP SP3
       ¡¤  Windows XP Professional x64 Edition SP2
       ¡¤  Windows Server 2003 SP2
       ¡¤  Windows Server 2003 x64 Edition SP2
       ¡¤  Windows Server 2003 with SP2 for Itanium-based Systems
       ¡¤  Windows Vista SP1, SP2
       ¡¤  Windows Vista x64 Edition SP1, SP2
       ¡¤  Windows Server 2008 for 32-bit Systems SP0, SP2**
       ¡¤  Windows Server 2008 for x64-based Systems SP0, SP2**
       ¡¤  Windows Server 2008 for Itanium-based Systems SP2
    - JScript 5.8, VBScript 5.8
       ¡¤  Windows XP SP3
       ¡¤  Windows XP Professional x64 Edition SP2
       ¡¤  Windows Server 2003 SP2
       ¡¤  Windows Server 2003 x64 Edition SP2
       ¡¤  Windows Vista SP1, SP2
       ¡¤  Windows Vista x64 Edition SP1, SP2
       ¡¤  Windows Server 2008 for 32-bit Systems SP0, SP2**
       ¡¤  Windows Server 2008 for x64-based Systems SP0, SP2**
       ¡¤  Windows 7 for 32-bit Systems SP0, SP1
       ¡¤  Windows 7 for x64-based Systems SP0, SP1
       ¡¤  Windows Server 2008 R2 for x64-based Systems SP0, SP1**
       ¡¤  Windows Server 2008 R2 for Itanium-based Systems SP0, SP1
     ¡Ø **Ç¥½ÃµÈ À©µµ¿ì¸¦ ¼­¹öÄÚ¾î(Server Core)¿É¼ÇÀ¸·Î ¼³Ä¡ÇÑ °æ¿ì, ÇØ´ç Ãë¾àÁ¡¿¡ ¿µÇâÀ»
        ¹ÞÁö ¾ÊÀ½

  o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - JScript 5.8 and VBScript 5.8 installed with Internet Explorer 9
       ¡¤  Windows Vista SP2
       ¡¤  Windows Vista x64 Edition SP2
       ¡¤  Windows Server 2008 for 32-bit Systems SP2
       ¡¤  Windows Server 2008 for x64-based Systems SP2
       ¡¤  Windows 7 for 32-bit Systems SP0, SP1
       ¡¤  Windows 7 for x64-based Systems SP0, SP2
       ¡¤  Windows Server 2008 R2 for x64-based Systems SP0, SP1
       ¡¤  Windows Server 2008 R2 for Itanium-based Systems SP0, SP1

¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-031.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-031.mspx

 

[MS11-032] OpenType Compact Font Format (CFF) µå¶óÀ̹ö Ãë¾àÁ¡À¸·Î ÀÎÇÑ
¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o Ư¼öÇÏ°Ô Á¶ÀÛµÈ CFF ÆùÆ®¸¦ ·£´õ¸µ ÇÒ °æ¿ì ¿ø°Ý¿¡¼­ Äڵ尡 ½ÇÇàµÇ´Â Ãë¾àÁ¡ÀÌ ¹ß»ý
    ¡Ø OpenType Compact Font Format (CFF) : À©µµ¿ì¿Í ¸ÅŲÅä½Ã ¿î¿µÃ¼Á¦¿¡¼­ »ç¿ëµÇ´Â
       È®Àå ±Û²Ã ÆÄÀÏ Çü½Ä
  o °ü·ÃÃë¾àÁ¡ :
    -OpenType Font Stack Overflow Vulnerability - CVE-2011-0034
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista SP1, SP2
    - Windows Vista x64 Edition SP1, SP2
    - Windows Server 2008 for 32-bit Systems SP0, SP2
    - Windows Server 2008 for x64-based Systems SP0, SP2
    - Windows Server 2008 for Itanium-based Systems SP0, SP2
    - Windows 7 for 32-bit SP0, SP1
    - Windows 7 for x64-based Systems SP0, SP1
    - Windows Server 2008 R2 for x64-based Systems SP0, SP1
    - Windows Server 2008 R2 for Itanium-based Systems SP0, SP1
 
¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS11-032.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-032.mspx

 

[MS11-033] WordPad Text Converters Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå ½ÇÇà ¹®Á¦

¡à ¿µÇâ
  o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ »ç¿ëÀÚ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o »ç¿ëÀÚ°¡ ¿öµåÆе带 ÅëÇÏ¿© Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÆÄÀÏÀ» ¿­¾úÀ» °æ¿ì ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ ¹ß»ý
  o °ü·ÃÃë¾àÁ¡ :
    - Severity Ratings and Vulnerability Identifiers
    - WordPad Converter Parsing Vulnerability - CVE-2011-0028
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems

  o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows Vista SP1 and Windows Vista SP2
    - Windows Vista x64 Edition SP1 and Windows Vista x64 Edition SP2
    - Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems SP2
    - Windows Server 2008 for x64-based Systems and Windows Server 2008
      for x64-based Systems SP2
    - Windows Server 2008 for Itanium-based Systems and Windows Server 2008
      for Itanium-based Systems SP2
    - Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems SP1
    - Windows 7 for x64-based Systems and Windows 7 for x64-based Systems SP1
    - Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2
      for x64-based Systems SP1
    - Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2
      for Itanium-based Systems SP1

¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-033.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-033.mspx

 

[MS11-034] Windows Kernel-Mode Drivers Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ »ó½Â ¹®Á¦

¡à ¿µÇâ
  o »ç¿ëÀÚ ±ÇÇÑÀ» °¡Áø °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
  o À©µµ¿ì Ä¿³Î ¸ðµå µå¶óÀ̹ö°¡ °´Ã¼¸¦ °ü¸®ÇÏ°í À¯ÁöÇÏ´Â °úÁ¤ÀÇ ¿À·ù·Î ÀÎÇÑ ±ÇÇÑ»ó½Â
    Ãë¾àÁ¡ÀÌ ¹ß»ý
  o ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ·Î±×¿ÂÇÑ °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÀÀ¿ëÇÁ·Î±×·¥À» ½ÇÇàÇÏ¿© ÀÓÀÇÀÇ
    ÄÚµå ½ÇÇà °¡´É
    ¡Ø °ø°ÝÀÚ´Â À¯È¿ÇÑ ·Î±×¿Â °èÁ¤À» °¡Áö°í ÀÖ´Â »óÅ¿¡¼­ ·ÎÄÿ¡¼­¸¸ °ø°ÝÀÌ °¡´ÉÇÔ.
        ¿ø°Ý¿¡¼­ ¶Ç´Â À͸íÀÇ »ç¿ëÀڷδ °ø°ÝÀÌ ºÒ°¡´É ÇÔ
  o °ü·ÃÃë¾àÁ¡ :
    - Severity Ratings and Vulnerability Identifiers
    - Vulnerability Type 1: Win32k Use After Free Vulnerability
    - Vulnerability Type 2: Win32k Null Pointer De-reference Vulnerability
  o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
  o Áß¿äµµ : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
  o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows XP SP3
    - Windows XP Professional x64 Edition SP2
    - Windows Server 2003 SP2
    - Windows Server 2003 x64 Edition SP2
    - Windows Server 2003 with SP2 for Itanium-based Systems
    - Windows Vista SP1 and Windows Vista SP2
    - Windows Vista x64 Edition SP1 and Windows Vista x64 Edition SP2
    - Windows Server 2008 for 32-bit Systems and Windows Server 2008
      for 32-bit Systems SP2
    - Windows Server 2008 for x64-based Systems and Windows Server 2008
      for x64-based Systems SP2
    - Windows Server 2008 for Itanium-based Systems and Windows Server 2008
      for Itanium-based Systems SP2
    - Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems SP1
    - Windows 7 for x64-based Systems and Windows 7 for x64-based Systems SP1
    - Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2
      for x64-based Systems SP1
    - Windows Server 2008 R2 for Itanium-based Systems and Windows Server 2008 R2
      for Itanium-based Systems SP1

¡à ÇØ°áÃ¥
  o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
  o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS11-034.mspx
  o ÇÑ±Û : http://www.microsoft.com/korea/technet/security/bulletin/MS11-034.mspx

¿øº» : http://www.krcert.or.kr



Á¤º¸º¸È£¾ÈÀüÁø´ÜÇÊÁõ ȹµæ Çѱ¹ÀÎÅͳÝÁøÈï¿ø °øÀÎ µµ¸ÞÀÎ µî·Ï´ëÇàÀÚ tucows kt idc sk idc
 
ºí·çÀ¥
¢ßÀ¯´ÏÆÄÀÌ ¼­¿ïƯº°½Ã ¼ºµ¿±¸ ±¤³ª·ç·Î 144, ´õ ½ºÆäÀ̽º Ÿ¿ö 7Ãþ, 13Ãþ (º»Á¡)
´ëÇ¥ÀÌ»ç : ÀÓ¼ºÈ£ »ç¾÷ÀÚµî·ÏÁõ¹øÈ£ : 106-81-85951 Åë½ÅÆǸž÷ ½Å°í¹øÈ£ : °­³² 3315È£ °³ÀÎÁ¤º¸º¸È£Ã¥ÀÓÀÚ : ÀÌÃæÈñ
Copyright¨Ï Blueweb All rights Reserved.