|
Á¦¸ñ |
 |
2010³â 6¿ù ¸¶ÀÌÅ©·Î¼ÒÇÁÆ® º¸¾È °øÁö ¹ßÇ¥ |
|
2010³â 6¿ù 9ÀÏ (¼ö)¿¡ ¹ßÇ¥µÈ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ® º¸¾È °øÁö ¹ßÇ¥ ³»¿ëÀ» ¿ä¾àÇÏ¿© Á¦°øÇÕ´Ï´Ù. º¸¾È °øÁö´Â ¿ù ´ÜÀ§·Î ¹ßÇ¥µÇ¾î º¸¾È Ãë¾àÁ¡À» ÇØ°áÇÕ´Ï´Ù.
================================================
½Å±Ô º¸¾È °øÁö
================================================
¸¶ÀÌÅ©·Î¼ÒÇÁÆ®´Â »õ·Î ¹ß°ßµÈ Ãë¾àÁ¡¿¡ ´ëÇÏ¿© ´ÙÀ½°ú °°ÀÌ 10°³ÀÇ ½Å±Ô º¸¾È °øÁö¸¦ ¹ßÇ¥ÇÕ´Ï´Ù.
MS10-032 (Áß¿ä) Windows Ä¿³Î ¸ðµå µå¶óÀ̹öÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ »ó½Â ¹®Á¦Á¡ (979559) - Windows
MS10-033 (±ä±Þ) ¹Ìµð¾î ¾ÐÃà ÇØÁ¦ÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°Ý ÄÚµå ½ÇÇà ¹®Á¦Á¡ (979902) - Windows
MS10-034 (±ä±Þ) ActiveX ų(Kill) ºñÆ® ´©Àû º¸¾È ¾÷µ¥ÀÌÆ® (980195) - Windows
MS10-035 (±ä±Þ) Internet Explorer ´©Àû º¸¾È ¾÷µ¥ÀÌÆ® (982381) - Windows, Internet Explorer
MS10-036 (Áß¿ä) Microsoft OfficeÀÇ COM À¯È¿¼º °Ë»ç Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°Ý ÄÚµå ½ÇÇà ¹®Á¦Á¡ (983235) - Office
MS10-037 (Áß¿ä) OpenType CFF(Compact Font Format) µå¶óÀ̹öÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ »ó½Â ¹®Á¦Á¡ (980218) - Windows
MS10-038 (Áß¿ä) Microsoft Office ExcelÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°Ý ÄÚµå ½ÇÇà ¹®Á¦Á¡ (2027452) - Office
MS10-039 (Áß¿ä) Microsoft SharePointÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ »ó½Â ¹®Á¦Á¡ (2028554) - Office, SharePoint Server µî
MS10-040 (Áß¿ä) IIS(ÀÎÅÍ³Ý Á¤º¸ ¼ºñ½º)ÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°Ý ÄÚµå ½ÇÇà ¹®Á¦Á¡ (982666) - Windows
MS10-041 (Áß¿ä) Microsoft .NET FrameworkÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇÑ º¯Á¶ ¹®Á¦Á¡ (981343) - Windows, .NET Framework
À§¿¡ ³ª¿ÇÑ ¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î ¸ñ·ÏÀº °£´ÜÈ÷ ¿ä¾àÇÑ °ÍÀÔ´Ï´Ù. ¿µÇâÀ» ¹Þ´Â ±¸¼º ¿ä¼Ò Àüü ¸ñ·ÏÀ» º¸·Á¸é °¢ º¸¾È °øÁö¸¦ ¿°í "¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î" ºÎºÐÀ» »ìÆìº¸½Ã±â ¹Ù¶ø´Ï´Ù.
================================================
½Å±Ô º¸¾È °øÁö ¿ä¾à À¥ ÆäÀÌÁö
================================================
½Å±Ô °øÁö¿¡ ´ëÇÑ ¿ä¾àÀº ´ÙÀ½ ÆäÀÌÁö¿¡ ÀÖ½À´Ï´Ù.
http://www.microsoft.com/korea/technet/security/bulletin/MS10-jun.mspx
================================================
¾Ç¼º ¼ÒÇÁÆ®¿þ¾î Á¦°Å µµ±¸
================================================
¸¶ÀÌÅ©·Î¼ÒÇÁÆ®´Â À©µµ¿ì ¾Ç¼º ¼ÒÇÁÆ®¿þ¾î Á¦°Å µµ±¸ÀÇ ¾÷µ¥ÀÌÆ®µÈ ¹öÀüÀ» Windows Server Update Services (WSUS), Windows Update (WU)¿Í ´Ù¿î·Îµå ¼¾ÅÍ¿¡¼ Á¦°øÇÕ´Ï´Ù.
ÀÌ µµ±¸´Â Software Update Services (SUS)¸¦ ÅëÇØ¼´Â ¹èÆ÷µÇÁö ¾ÊÀ½À» ÁÖÀÇÇÏ¿© ÁֽʽÿÀ. ¸¶ÀÌÅ©·Î¼ÒÇÁÆ® À©µµ¿ì ¾Ç¼º ¼ÒÇÁÆ®¿þ¾î Á¦°Å µµ±¸¿¡ ´ëÇÑ Á¤º¸´Â http://support.microsoft.com/kb/890830 ¿¡¼ º¸½Ç ¼ö ÀÖ½À´Ï´Ù.
================================================
º¸¾È ¹®Á¦¿Í °ü°è¾øÁö¸¸ Á߿䵵°¡ ³ôÀº ¾÷µ¥ÀÌÆ®
================================================
¸¶ÀÌÅ©·Î¼ÒÇÁÆ®´Â Microsoft Update (MU), Windows Update (WU), Windows Server Update Services (WSUS)¸¦ ÅëÇØ º¸¾È ¹®Á¦¿Í °ü°è¾øÁö¸¸ Á߿䵵°¡ ³ôÀº ¾÷µ¥ÀÌÆ®¸¦ ¹ßÇ¥ÇÕ´Ï´Ù.
¿À´Ã ¹ßÇ¥ÇÑ Àüü ¾÷µ¥ÀÌÆ®ÀÇ ¸ñ·ÏÀº ´ÙÀ½ ±â¼ú ÀÚ·á¿¡¼ º¼ ¼ö ÀÖ½À´Ï´Ù.
2010³â¿¡ º¯°æµÈ Software Update Services ¹× Windows Server Update Services ³»¿ë¿¡ ´ëÇÑ ¼³¸í
http://support.microsoft.com/kb/894199
================================================
º¸¾È °øÁö À¥Ä³½ºÆ®
================================================
¸¶ÀÌÅ©·Î¼ÒÇÁÆ®´Â À̹ø °øÁö¿¡ ´ëÇÑ °í°´ Áú¹®¿¡ ´äÇÏ´Â À¥Ä³½ºÆ®¸¦ ÁøÇàÇÕ´Ï´Ù.
Á¦¸ñ: Information about Microsoft June Security Bulletins
ÀϽÃ: 2010³â 6¿ù 10ÀÏ (¸ñ) ¿ÀÀü 3½Ã (Çѱ¹ ½Ã°¢)
URL: https://msevents.microsoft.com/CUI/WebCastEventDetails.aspx?culture=en-US&EventID=1032427727
ÁÖÀÇ: ¸ðµç ³ª¶ó¿¡¼ µ¿½Ã¿¡ Âü¿©ÇÒ ¼ö ÀÖ´Â ÁúÀÇ ÀÀ´äÀ̱⠶§¹®¿¡ ¿µ¾î·Î ÁøÇàµË´Ï´Ù.
================================================
º¸¾È °øÁö ±â¼ú ¼¼ºÎ »çÇ×
================================================
¾Æ·¡ ¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î¿Í ¿µÇâÀ» ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î Ç¥¿¡¼, ³ª¿µÇÁö ¾ÊÀº ¼ÒÇÁÆ®¿þ¾î´Â Áö¿ø ±â°£ÀÌ Áö³ Á¦Ç°ÀÔ´Ï´Ù. Á¦Ç°°ú ¹öÀü¿¡ ´ëÇÑ Áö¿ø ±â°£À» º¸·Á¸é ¸¶ÀÌÅ©·Î¼ÒÇÁÆ® Áö¿ø ±â°£ ÆäÀÌÁö
http://support.microsoft.com/lifecycle/ ¸¦ Âü°íÇÏ¿© ÁֽʽÿÀ.
-------------------------------------------------
º¸¾È °øÁö MS10-032
-------------------------------------------------
Á¦¸ñ: Windows Ä¿³Î ¸ðµå µå¶óÀ̹öÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ »ó½Â ¹®Á¦Á¡ (979559)
¿ä¾à: ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â Windows Ä¿³Î ¸ðµå µå¶óÀ̹öÀÇ °ø°³µÈ Ãë¾àÁ¡ 2°Ç°ú ºñ°ø°³·Î º¸°íµÈ Ãë¾àÁ¡ 1°ÇÀ» ÇØ°áÇÕ´Ï´Ù.
ÀÌ Ãë¾àÁ¡À¸·Î ÀÎÇØ »ç¿ëÀÚ°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ TrueType ±Û²Ã·Î ·»´õ¸µµÈ ÄÜÅÙÃ÷¸¦ º¼ °æ¿ì ±ÇÇÑ »ó½ÂÀ» Çã¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù.
ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â °³Ã¼ º¯°æ ¹× ÄÝ¹é ¸Å°³ º¯¼ö À¯È¿¼º °Ë»ç¸¦ ¼öÁ¤Çϰí, Windows°¡ »ç¿ëÀÚ ¸ðµå ÀÀ¿ë ÇÁ·Î±×·¥¿¡ ´ëÇÑ TrueType ±Û²Ã À±°ûÀ» Á¦°øÇÏ´Â ¹æ½ÄÀ» ¼öÁ¤ÇÏ¿© ÀÌ Ãë¾àÁ¡À» ÇØ°áÇÕ´Ï´Ù.
ÃÖ´ë ½É°¢µµ: Áß¿ä
¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î:
- Windows 2000
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
(¾Æ·¡ ¸µÅ©¿¡¼ ¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î¿Í ´Ù¿î·Îµå À§Ä¡¸¦ È®ÀÎÇϽʽÿÀ)
Ãë¾àÁ¡:
- Win32k ºÎÀûÀýÇÑ µ¥ÀÌÅÍ À¯È¿¼º °Ë»ç Ãë¾àÁ¡ (CVE-2010-0484)
- Win32k â »ý¼º Ãë¾àÁ¡ (CVE-2010-0485)
- Win32k TrueType ±Û²Ã ±¸¹® ºÐ¼® Ãë¾àÁ¡ (CVE-2010-1255)
Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿µÇâ: ±ÇÇÑ »ó½Â
½Ã½ºÅÛ Àç½ÃÀÛ: º¸¾È ¾÷µ¥ÀÌÆ® Àû¿ë ÈÄ ½Ã½ºÅÛÀ» Àç½ÃÀÛÇØ¾ß ÇÕ´Ï´Ù.
À̹ø ¾÷µ¥ÀÌÆ®·Î ´ëüµÇ´Â º¸¾È °øÁö: MS09-065
»ó¼¼ Á¤º¸: http://www.microsoft.com/korea/technet/security/bulletin/MS10-032.mspx
-------------------------------------------------
º¸¾È °øÁö MS10-033
-------------------------------------------------
Á¦¸ñ: ¹Ìµð¾î ¾ÐÃà ÇØÁ¦ÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°Ý ÄÚµå ½ÇÇà ¹®Á¦Á¡ (979902)
¿ä¾à: ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â Microsoft Windows¿¡¼ ¹ß°ßµÇ¾î ºñ°ø°³ÀûÀ¸·Î º¸°íµÈ Ãë¾àÁ¡ 2°ÇÀ» ÇØ°áÇÕ´Ï´Ù.
ÀÌ·¯ÇÑ Ãë¾àÁ¡À¸·Î ÀÎÇØ »ç¿ëÀÚ°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¹Ìµð¾î ÆÄÀÏÀ» ¿°Å³ª, À¥ »çÀÌÆ® ¶Ç´Â À¥ ÄÜÅÙÃ÷¸¦ Á¦°øÇÏ´Â ÀÀ¿ë ÇÁ·Î±×·¥À¸·ÎºÎÅÍ Æ¯¼öÇÏ°Ô Á¶ÀÛµÈ ½ºÆ®¸®¹Ö ÄÜÅÙÃ÷¸¦ ¹ÞÀ» °æ¿ì ¿ø°Ý ÄÚµå ½ÇÇàÀ» Çã¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù.
ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â Windows¿¡¼ ¹Ìµð¾î ÆÄÀÏÀ» ±¸¹® ºÐ¼®ÇÏ´Â ¹æ½ÄÀ» ¼öÁ¤ÇÏ¿© Ãë¾àÁ¡À» ÇØ°áÇÕ´Ï´Ù.
ÃÖ´ë ½É°¢µµ: ±ä±Þ
¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î:
- Windows 2000
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
(¾Æ·¡ ¸µÅ©¿¡¼ ¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î¿Í ´Ù¿î·Îµå À§Ä¡¸¦ È®ÀÎÇϽʽÿÀ)
Ãë¾àÁ¡:
- ¹Ìµð¾î ¾ÐÃà ÇØÁ¦ Ãë¾àÁ¡ (CVE-2010-1879)
- MJPEG ¹Ìµð¾î ¾ÐÃà ÇØÁ¦ Ãë¾àÁ¡ (CVE-2010-1880)
Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿µÇâ: ¿ø°Ý ÄÚµå ½ÇÇà
½Ã½ºÅÛ Àç½ÃÀÛ: º¸¾È ¾÷µ¥ÀÌÆ® Àû¿ë ÈÄ ½Ã½ºÅÛÀ» Àç½ÃÀÛÇØ¾ß ÇÒ ¼öµµ ÀÖ½À´Ï´Ù.
À̹ø ¾÷µ¥ÀÌÆ®·Î ´ëüµÇ´Â º¸¾È °øÁö: MS08-033, MS09-028, MS09-047 (¾Æ·¡ ¸µÅ©¿¡¼ ¼ÒÇÁÆ®¿þ¾î Á¦Ç°º°·Î È®ÀÎÇϽʽÿÀ)
»ó¼¼ Á¤º¸: http://www.microsoft.com/korea/technet/security/bulletin/MS10-033.mspx
-------------------------------------------------
º¸¾È °øÁö MS10-034
-------------------------------------------------
Á¦¸ñ: ActiveX ų(Kill) ºñÆ® ´©Àû º¸¾È ¾÷µ¥ÀÌÆ® (980195)
¿ä¾à: ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â Microsoft ¼ÒÇÁÆ®¿þ¾î¿¡¼ ¹ß°ßµÇ¾î ºñ°ø°³ÀûÀ¸·Î º¸°íµÈ Ãë¾àÁ¡ 2°ÇÀ» ÇØ°áÇÕ´Ï´Ù.
ÀÌ·¯ÇÑ Ãë¾àÁ¡À¸·Î ÀÎÇØ »ç¿ëÀÚ°¡ Internet Explorer¸¦ »ç¿ëÇÏ¿© ƯÁ¤ ActiveX ÄÁÆ®·ÑÀ» ÀνºÅϽºÈÇϴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ À¥ ÆäÀÌÁö¸¦ º¼ °æ¿ì ¿ø°Ý ÄÚµå ½ÇÇàÀ» Çã¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù.
¶ÇÇÑ ÀÌ ¾÷µ¥ÀÌÆ®¿¡´Â 4°³ÀÇ Å¸»ç ActiveX ÄÁÆ®·Ñ¿¡ ´ëÇÑ Å³(Kill) ºñÆ®µµ Æ÷ÇԵǾî ÀÖ½À´Ï´Ù. º¸¾È ¾÷µ¥ÀÌÆ®´Â Ãë¾àÇÑ ÄÁÆ®·ÑÀÌ Internet Explorer¿¡¼ ½ÇÇàµÇÁö ¾Êµµ·Ï ų(kill) ºñÆ®¸¦ ¼³Á¤ÇÔÀ¸·Î½á Ãë¾àÁ¡À» ÇØ°áÇÕ´Ï´Ù.
ÃÖ´ë ½É°¢µµ: ±ä±Þ
¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î:
- Windows 2000
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
(¾Æ·¡ ¸µÅ©¿¡¼ ¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î¿Í ´Ù¿î·Îµå À§Ä¡¸¦ È®ÀÎÇϽʽÿÀ)
Ãë¾àÁ¡:
- Microsoft Data Analyzer ActiveX ÄÁÆ®·Ñ Ãë¾àÁ¡ (CVE-2010-0252)
- Microsoft Internet Explorer 8 °³¹ßÀÚ µµ±¸ Ãë¾àÁ¡ (CVE-2010-0811)
Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿µÇâ: ¿ø°Ý ÄÚµå ½ÇÇà
½Ã½ºÅÛ Àç½ÃÀÛ: º¸¾È ¾÷µ¥ÀÌÆ® Àû¿ë ÈÄ ½Ã½ºÅÛÀ» Àç½ÃÀÛÇØ¾ß ÇÒ ¼öµµ ÀÖ½À´Ï´Ù.
À̹ø ¾÷µ¥ÀÌÆ®·Î ´ëüµÇ´Â º¸¾È °øÁö: MS10-008
»ó¼¼ Á¤º¸: http://www.microsoft.com/korea/technet/security/bulletin/MS10-034.mspx
-------------------------------------------------
º¸¾È °øÁö MS10-035
-------------------------------------------------
Á¦¸ñ: Internet Explorer ´©Àû º¸¾È ¾÷µ¥ÀÌÆ® (982381)
¿ä¾à: ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â Internet Explorer¿¡ ´ëÇØ ºñ°ø°³ÀûÀ¸·Î º¸°íµÈ Ãë¾àÁ¡ 5°Ç°ú °ø°³µÈ Ãë¾àÁ¡ 1°ÇÀ» ÇØ°áÇÕ´Ï´Ù.
°¡Àå À§ÇèÇÑ Ãë¾àÁ¡À¸·Î ÀÎÇØ »ç¿ëÀÚ°¡ Internet Explorer¸¦ »ç¿ëÇÏ¿© Ư¼öÇÏ°Ô Á¶ÀÛµÈ À¥ ÆäÀÌÁö¸¦ º¼ °æ¿ì ¿ø°Ý ÄÚµå ½ÇÇàÀ» Çã¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù.
ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â Internet Explorer¿¡¼ ¸Þ¸ð¸®, HTML »èÁ¦ ¹× ij½ÃµÈ ÄÜÅÙÃ÷ÀÇ °³Ã¼¸¦ ó¸®ÇÏ´Â ¹æ½ÄÀ» ¼öÁ¤ÇÏ¿© ÀÌ·¯ÇÑ Ãë¾àÁ¡À» ÇØ°áÇÕ´Ï´Ù.
ÃÖ´ë ½É°¢µµ: ±ä±Þ
¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î:
- Internet Explorer 5
- Internet Explorer 6
- Internet Explorer 7
- Internet Explorer 8
- Windows 2000
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
(¾Æ·¡ ¸µÅ©¿¡¼ ¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î¿Í ´Ù¿î·Îµå À§Ä¡¸¦ È®ÀÎÇϽʽÿÀ)
Ãë¾àÁ¡:
- µµ¸ÞÀÎ °£ Á¤º¸ À¯Ãâ Ãë¾àÁ¡ (CVE-2010-0255)
- toStaticHTML Á¤º¸ À¯Ãâ Ãë¾àÁ¡ (CVE-2010-1257)
- ÃʱâȵÇÁö ¾ÊÀº ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-1259)
- HTML ¿ä¼Ò ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-1260)
- ÃʱâȵÇÁö ¾ÊÀº ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-1261)
- ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-1262)
Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿µÇâ: ¿ø°Ý ÄÚµå ½ÇÇà
½Ã½ºÅÛ Àç½ÃÀÛ: º¸¾È ¾÷µ¥ÀÌÆ® Àû¿ë ÈÄ ½Ã½ºÅÛÀ» Àç½ÃÀÛÇØ¾ß ÇÕ´Ï´Ù.
À̹ø ¾÷µ¥ÀÌÆ®·Î ´ëüµÇ´Â º¸¾È °øÁö: MS10-018
»ó¼¼ Á¤º¸: http://www.microsoft.com/korea/technet/security/bulletin/MS10-035.mspx
-------------------------------------------------
º¸¾È °øÁö MS10-036
-------------------------------------------------
Á¦¸ñ: Microsoft OfficeÀÇ COM À¯È¿¼º °Ë»ç·Î ÀÎÇÑ ¿ø°Ý ÄÚµå ½ÇÇà Ãë¾àÁ¡ (983235)
¿ä¾à: ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â ºñ°ø°³ÀûÀ¸·Î º¸°íµÈ Microsoft OfficeÀÇ COM À¯È¿¼º °Ë»ç Ãë¾àÁ¡À» ÇØ°áÇÕ´Ï´Ù.
ÀÌ·¯ÇÑ Ãë¾àÁ¡À¸·Î ÀÎÇØ »ç¿ëÀÚ°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ Excel, Word, Visio, Publisher ¶Ç´Â PowerPoint ÆÄÀÏÀ» ¿µÇâÀ» ¹Þ´Â Microsoft Office ¹öÀü¿¡¼ ¿ °æ¿ì ¿ø°Ý ÄÚµå ½ÇÇàÀ» Çã¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù.
º¸¾È ¾÷µ¥ÀÌÆ®´Â COM °³Ã¼¸¦ ÀνºÅϽºÈÇÏ´Â Microsoft OfficeÀÇ À¯È¿¼º °Ë»ç ¹æ½ÄÀ» ¼öÁ¤ÇÏ¿© Ãë¾àÁ¡À» ÇØ°áÇÕ´Ï´Ù.
ÃÖ´ë ½É°¢µµ: Áß¿ä
¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î:
- Office XP
- Office 2003
- Excel 2003
- PowerPoint 2003
- Publisher 2003
- Visio 2003
- Word 2003
- 2007 Microsoft Office System
- Excel 2007
- PowerPoint 2007
- Publisher 2007
- Visio 2007
- Word 2007
(¾Æ·¡ ¸µÅ©¿¡¼ ¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î¿Í ´Ù¿î·Îµå À§Ä¡¸¦ È®ÀÎÇϽʽÿÀ)
Ãë¾àÁ¡:
- COM À¯È¿¼º °Ë»ç Ãë¾àÁ¡ (CVE-2010-1263)
Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿µÇâ: ¿ø°Ý ÄÚµå ½ÇÇà
½Ã½ºÅÛ Àç½ÃÀÛ: º¸¾È ¾÷µ¥ÀÌÆ® Àû¿ë ÈÄ ½Ã½ºÅÛÀ» Àç½ÃÀÛÇØ¾ß ÇÒ ¼öµµ ÀÖ½À´Ï´Ù.
À̹ø ¾÷µ¥ÀÌÆ®·Î ´ëüµÇ´Â º¸¾È °øÁö: MS08-055, MS09-017, MS10-017, MS10-004, MS10-023, MS10-028, MS09-068, MS09-027 (¾Æ·¡ ¸µÅ©¿¡¼ ¼ÒÇÁÆ®¿þ¾î Á¦Ç°º°·Î È®ÀÎÇϽʽÿÀ)
»ó¼¼ Á¤º¸: http://www.microsoft.com/korea/technet/security/bulletin/MS10-036.mspx
-------------------------------------------------
º¸¾È °øÁö MS10-037
-------------------------------------------------
Á¦¸ñ: OpenType CFF(Compact Font Format) µå¶óÀ̹öÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ »ó½Â ¹®Á¦Á¡ (980218)
¿ä¾à: ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â ºñ°ø°³ÀûÀ¸·Î º¸°íµÈ Windows OpenType CFF(Compact Font Format) µå¶óÀ̹öÀÇ Ãë¾àÁ¡À» ÇØ°áÇÕ´Ï´Ù.
ÀÌ Ãë¾àÁ¡À¸·Î ÀÎÇØ »ç¿ëÀÚ°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ CFF ±Û²Ã·Î ·»´õ¸µµÈ ÄÜÅÙÃ÷¸¦ º¼ °æ¿ì ±ÇÇÑ »ó½ÂÀ» Çã¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù.
º¸¾È ¾÷µ¥ÀÌÆ®´Â OpenType CFF(Compact Font Format) µå¶óÀ̹ö°¡ µ¥ÀÌÅÍÀÇ À¯È¿¼ºÀ» ¿Ã¹Ù¸£°Ô °Ë»çÇϵµ·Ï ÇÏ¿© Ãë¾àÁ¡À» ÇØ°áÇÕ´Ï´Ù.
ÃÖ´ë ½É°¢µµ: Áß¿ä
¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î:
- Windows 2000
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
(¾Æ·¡ ¸µÅ©¿¡¼ ¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î¿Í ´Ù¿î·Îµå À§Ä¡¸¦ È®ÀÎÇϽʽÿÀ)
Ãë¾àÁ¡:
- OpenType CFF ±Û²Ã µå¶óÀ̹ö ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-0819)
Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿µÇâ: ±ÇÇÑ »ó½Â
½Ã½ºÅÛ Àç½ÃÀÛ: º¸¾È ¾÷µ¥ÀÌÆ® Àû¿ë ÈÄ ½Ã½ºÅÛÀ» Àç½ÃÀÛÇØ¾ß ÇÒ ¼öµµ ÀÖ½À´Ï´Ù.
À̹ø ¾÷µ¥ÀÌÆ®·Î ´ëüµÇ´Â º¸¾È °øÁö: ¾øÀ½
»ó¼¼ Á¤º¸: http://www.microsoft.com/korea/technet/security/bulletin/MS10-037.mspx
-------------------------------------------------
º¸¾È °øÁö MS10-038
-------------------------------------------------
Á¦¸ñ: Microsoft Office ExcelÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°Ý ÄÚµå ½ÇÇà ¹®Á¦Á¡ (2027452)
¿ä¾à: ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â Microsoft Office¿¡¼ ¹ß°ßµÇ¾î ºñ°ø°³ÀûÀ¸·Î º¸°íµÈ Ãë¾àÁ¡ 14°ÇÀ» ÇØ°áÇÕ´Ï´Ù.
°¡Àå À§ÇèÇÑ Ãë¾àÁ¡À¸·Î ÀÎÇØ »ç¿ëÀÚ°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ Excel ÆÄÀÏÀ» ¿ °æ¿ì ¿ø°Ý ÄÚµå ½ÇÇàÀ» Çã¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù.
ÀÌ ¾÷µ¥ÀÌÆ®´Â Microsoft Office Excel¿¡¼ Ư¼öÇÏ°Ô Á¶ÀÛµÈ Excel ÆÄÀÏÀ» ±¸¹® ºÐ¼®ÇÏ´Â ¹æ½ÄÀ» º¯°æÇϰí Open XML File Format Converter for MacÀÇ ¼³Ä¡ ¹æ½ÄÀ» ¼öÁ¤ÇÏ¿© Ãë¾àÁ¡À» ÇØ°áÇÕ´Ï´Ù.
ÃÖ´ë ½É°¢µµ: Áß¿ä
¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î:
- Excel 2002
- Excel 2003
- Excel 2007
- Excel Viewer
- Word, Excel, PowerPoint 2007 ÆÄÀÏ Æ÷¸Ë¿ë Office ȣȯ ÆÑ
- Mac¿ë Office 2004
- Mac¿ë Office 2008
- Mac¿ë Open XML ÆÄÀÏ Æ÷¸Ë º¯È¯±â
(¾Æ·¡ ¸µÅ©¿¡¼ ¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î¿Í ´Ù¿î·Îµå À§Ä¡¸¦ È®ÀÎÇϽʽÿÀ)
Ãë¾àÁ¡:
- Excel ·¹ÄÚµå ºÐ¼® ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-0821)
- Excel °³Ã¼ ½ºÅà ¿À¹öÇ÷ΠÃë¾àÁ¡ (CVE-2010-0822)
- Excel ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-0823)
- Excel ·¹ÄÚµå ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-0824)
- Excel ·¹ÄÚµå ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-1245)
- Excel RTD ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-1246)
- Excel ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-1247)
- Excel HFPicture ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-1248)
- Excel ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-1249)
- Excel EDG ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-1250)
- Excel ·¹ÄÚµå ½ºÅà ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-1251)
- Excel ¹®ÀÚ¿ º¯¼ö Ãë¾àÁ¡ (CVE-2010-1252)
- Excel ADO °³Ã¼ Ãë¾àÁ¡ (CVE-2010-1253)
- Mac Office Open XML »ç¿ë ±ÇÇÑ Ãë¾àÁ¡ (CVE-2010-1254)
Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿µÇâ: ¿ø°Ý ÄÚµå ½ÇÇà, ±ÇÇÑ »ó½Â
½Ã½ºÅÛ Àç½ÃÀÛ: º¸¾È ¾÷µ¥ÀÌÆ® Àû¿ë ÈÄ ½Ã½ºÅÛÀ» Àç½ÃÀÛÇØ¾ß ÇÒ ¼öµµ ÀÖ½À´Ï´Ù.
À̹ø ¾÷µ¥ÀÌÆ®·Î ´ëüµÇ´Â º¸¾È °øÁö: MS10-017
»ó¼¼ Á¤º¸: http://www.microsoft.com/korea/technet/security/bulletin/MS10-038.mspx
-------------------------------------------------
º¸¾È °øÁö MS10-039
-------------------------------------------------
Á¦¸ñ: Microsoft SharePointÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ »ó½Â ¹®Á¦Á¡ (2028554)
¿ä¾à: ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â Microsoft SharePointÀÇ °ø°³µÈ Ãë¾àÁ¡ 1°Ç°ú ºñ°ø°³·Î º¸°íµÈ Ãë¾àÁ¡ 2°ÇÀ» ÇØ°áÇÕ´Ï´Ù.
°¡Àå À§ÇèÇÑ Ãë¾àÁ¡À¸·Î ÀÎÇØ °ø°ÝÀÚ°¡ ´ë»ó SharePoint »çÀÌÆ®ÀÇ »ç¿ëÀÚ·Î ÇÏ¿©±Ý Ư¼öÇÏ°Ô Á¶ÀÛÇÑ ¸µÅ©¸¦ Ŭ¸¯Çϵµ·Ï À¯µµÇÑ °æ¿ì ±ÇÇÑ »ó½ÂÀ» Çã¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù.
º¸¾È ¾÷µ¥ÀÌÆ®´Â Microsoft SharePoint°¡ HTTP Äõ¸® ÀÔ·ÂÀÇ À¯È¿¼ºÀ» °Ë»çÇÏ´Â ¹æ½Ä, toStaticHTMLÀÌ Microsoft SharePoint¿¡¼ HTML ÄÜÅÙÃ÷¸¦ ´Ùµë´Â ¹æ½Ä, Microsoft SharePoint°¡ µµ¿ò¸» ÆäÀÌÁö¿¡ ´ëÇØ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¿äûÀ» ó¸®ÇÏ´Â
¹æ½ÄÀ» ¼öÁ¤ÇÏ¿© Ãë¾àÁ¡À» ÇØ°áÇÕ´Ï´Ù.
ÃÖ´ë ½É°¢µµ: Áß¿ä
¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î:
- InfoPath 2003
- InfoPath 2007
- SharePoint Server 2007
- Windows SharePoint Services 3.0
(¾Æ·¡ ¸µÅ©¿¡¼ ¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î¿Í ´Ù¿î·Îµå À§Ä¡¸¦ È®ÀÎÇϽʽÿÀ)
Ãë¾àÁ¡:
- Help.aspx XSS Ãë¾àÁ¡ (CVE-2010-0817)
- toStaticHTML Á¤º¸ À¯Ãâ Ãë¾àÁ¡ (CVE-2010-1257)
- Sharepoint µµ¿ò¸» ÆäÀÌÁö ¼ºñ½º °ÅºÎ Ãë¾àÁ¡ (CVE-2010-1264)
Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿µÇâ: ±ÇÇÑ »ó½Â, Á¤º¸ À¯Ãâ
½Ã½ºÅÛ Àç½ÃÀÛ: º¸¾È ¾÷µ¥ÀÌÆ® Àû¿ë ÈÄ ½Ã½ºÅÛÀ» Àç½ÃÀÛÇØ¾ß ÇÒ ¼öµµ ÀÖ½À´Ï´Ù.
À̹ø ¾÷µ¥ÀÌÆ®·Î ´ëüµÇ´Â º¸¾È °øÁö: MS08-077
»ó¼¼ Á¤º¸: http://www.microsoft.com/korea/technet/security/bulletin/MS10-039.mspx
-------------------------------------------------
º¸¾È °øÁö MS10-040
-------------------------------------------------
Á¦¸ñ: IIS(ÀÎÅÍ³Ý Á¤º¸ ¼ºñ½º)ÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°Ý ÄÚµå ½ÇÇà ¹®Á¦Á¡ (982666)
¿ä¾à: ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â ºñ°ø°³ÀûÀ¸·Î º¸°íµÈ IIS(ÀÎÅÍ³Ý Á¤º¸ ¼ºñ½º)ÀÇ Ãë¾àÁ¡ 1°ÇÀ» ÇØ°áÇÕ´Ï´Ù.
ÀÌ·¯ÇÑ Ãë¾àÁ¡À¸·Î ÀÎÇØ »ç¿ëÀÚ°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ HTTP ¿äûÀ» ¹ÞÀ» °æ¿ì ¿ø°Ý ÄÚµå ½ÇÇàÀ» Çã¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù.
ÀÌ Ãë¾àÁ¡À» ¾Ç¿ëÇÑ °ø°ÝÀÚ´Â ¿µÇâÀ» ¹Þ´Â ½Ã½ºÅÛÀ» ¿ÏÀüÈ÷ Á¦¾îÇÒ ¼ö ÀÖ½À´Ï´Ù. ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â ÀÎÁõ À¯È¿¼º °Ë»ç¸¦ ¼öÁ¤ÇÏ¿© Ãë¾àÁ¡À» ÇØ°áÇÕ´Ï´Ù.
ÃÖ´ë ½É°¢µµ: Áß¿ä
¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î:
- IIS(ÀÎÅÍ³Ý Á¤º¸ ¼ºñ½º) 6.0
- IIS(ÀÎÅÍ³Ý Á¤º¸ ¼ºñ½º) 7.0
- IIS(ÀÎÅÍ³Ý Á¤º¸ ¼ºñ½º) 7.5
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
(¾Æ·¡ ¸µÅ©¿¡¼ ¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î¿Í ´Ù¿î·Îµå À§Ä¡¸¦ È®ÀÎÇϽʽÿÀ)
Ãë¾àÁ¡:
- IIS ÀÎÁõ ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡ (CVE-2010-1256)
Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿µÇâ: ¿ø°Ý ÄÚµå ½ÇÇà
½Ã½ºÅÛ Àç½ÃÀÛ: º¸¾È ¾÷µ¥ÀÌÆ® Àû¿ë ÈÄ ½Ã½ºÅÛÀ» Àç½ÃÀÛÇØ¾ß ÇÒ ¼öµµ ÀÖ½À´Ï´Ù.
À̹ø ¾÷µ¥ÀÌÆ®·Î ´ëüµÇ´Â º¸¾È °øÁö: ¾øÀ½
»ó¼¼ Á¤º¸: http://www.microsoft.com/korea/technet/security/bulletin/MS10-040.mspx
-------------------------------------------------
º¸¾È °øÁö MS10-041
-------------------------------------------------
Á¦¸ñ: Microsoft .NET FrameworkÀÇ Ãë¾àÁ¡À¸·Î ÀÎÇÑ º¯Á¶ ¹®Á¦Á¡ (981343)
¿ä¾à: ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â Microsoft .NET FrameworkÀÇ °ø°³µÈ Ãë¾àÁ¡À» ÇØ°áÇÕ´Ï´Ù.
ÀÌ Ãë¾àÁ¡À» ¾Ç¿ëÇÏ¸é ¼¸íµÈ XML ÄÜÅÙÃ÷ÀÇ µ¥ÀÌÅ͸¦ ŽÁöµÇÁö ¾Ê´Â ¹æ½ÄÀ¸·Î º¯Á¶ÇÒ ¼ö ÀÖ½À´Ï´Ù. ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â Microsoft .NET Framework¿¡¼ XMLDsig ±Ç°í »çÇ×ÀÌ ±¸ÇöµÇ´Â ¹æ½ÄÀ» º¯°æÇÏ¿© Ãë¾àÁ¡À» ÇØ°áÇÕ´Ï´Ù.
ÃÖ´ë ½É°¢µµ: Áß¿ä
¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î:
- .NET Framework 1.0
- .NET Framework 1.1
- .NET Framework 2.0
- .NET Framework 3.5
- Windows 2000
- Windows XP
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
(¾Æ·¡ ¸µÅ©¿¡¼ ¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î¿Í ´Ù¿î·Îµå À§Ä¡¸¦ È®ÀÎÇϽʽÿÀ)
Ãë¾àÁ¡:
- XML ¼¸í HMAC À߸² ¿ìȸ Ãë¾àÁ¡ (CVE-2009-0217)
Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿µÇâ: º¯Á¶
½Ã½ºÅÛ Àç½ÃÀÛ: º¸¾È ¾÷µ¥ÀÌÆ® Àû¿ë ÈÄ ½Ã½ºÅÛÀ» Àç½ÃÀÛÇØ¾ß ÇÒ ¼öµµ ÀÖ½À´Ï´Ù.
À̹ø ¾÷µ¥ÀÌÆ®·Î ´ëüµÇ´Â º¸¾È °øÁö: MS09-061, MS09-036
»ó¼¼ Á¤º¸: http://www.microsoft.com/korea/technet/security/bulletin/MS10-041.mspx
=================================================
Á¤º¸ÀÇ Àϰü¼º
=================================================
º» ¸ÞÀϰú À¥ ÆäÀÌÁö¸¦ ÅëÇÏ¿© °¡±ÞÀû Á¤È®ÇÑ ³»¿ëÀ» Á¦°øÇϱâ À§ÇÏ¿© ³ë·ÂÇϰí ÀÖ½À´Ï´Ù.
À¥¿¡ °Ô½ÃµÈ º¸¾È °øÁö´Â ÃÖ½ÅÀÇ Á¤º¸¸¦ ¹Ý¿µÇϱâ À§ÇØ ¼öÁ¤µÇ´Â °æ¿ì°¡ ÀÖ½À´Ï´Ù. ÀÌ·¯ÇÑ ÀÌÀ¯·Î º» ¸ÞÀÏÀÇ Á¤º¸¿Í À¥ ±â¹ÝÀÇ º¸¾È °øÁö °£¿¡ ³»¿ëÀÌ ºÒÀÏÄ¡ÇÏ´Â ÀÏÀÌ »ý±ä´Ù¸é, À¥¿¡ °Ô½ÃµÈ º¸¾È °øÁöÀÇ Á¤º¸°¡ ´õ ½Å·ÚÇÒ ¼ö ÀÖ´Â Á¤º¸ÀÔ´Ï´Ù.
±â¼ú Áö¿øÀº Áö¿ª¹øÈ£ ¾øÀÌ ÀüÈ 1577-9700À» ÅëÇØ Çѱ¹¸¶ÀÌÅ©·Î¼ÒÇÁÆ® °í°´Áö¿ø¼¾ÅÍ¿¡¼ ¹ÞÀ» ¼ö ÀÖ½À´Ï´Ù. º¸¾È ¾÷µ¥ÀÌÆ®¿Í °ü·ÃµÈ ±â¼ú Áö¿ø ÅëÈ´Â ¹«·áÀÔ´Ï´Ù.
°¨»çÇÕ´Ï´Ù.
Çѱ¹¸¶ÀÌÅ©·Î¼ÒÇÁÆ® °í°´Áö¿øºÎ º¸¾ÈÆÀ |
|
[2010-06-09] |
|