°øÁö»çÇ×
º¸¾ÈÆÐÄ¡
°áÁ¦¹æ¹ý¾È³»
¼­ºñ½º ÀÌ¿ë¾à°ü
°³ÀÎÁ¤º¸Ãë±Þ¹æÄ§
ÀÚÁÖ¹¯´ÂÁú¹®
±â¼ú°¡À̵å
¹®ÀÇÇϱâ
º¸¾ÈÆÐÄ¡
Á¦ ¸ñ [MS º¸¾È¾÷µ¥ÀÌÆ®]2010³â 11¿ù MS Á¤±â º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í - 2010-11-10
ÀÛ¼ºÀÚ Çϳª·ÎÈ£½ºÆÃ ( hosting@hhosting.co.kr ) µî·ÏÁ¤º¸ 2010-11-10 09:09:00 Á¶È¸¼ö 25512
[MS10-087] Microsoft Office Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦Á¡

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
o Microsoft Office ¼ÒÇÁÆ®¿þ¾î°¡ Office °ü·Ã ÆÄÀÏÀ» ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ÀÌ
Á¸Àç
o °ø°ÝÀÚ´Â Microsoft Office ¼ÒÇÁÆ®¿þ¾î¿¡¼­ Ư¼öÇÏ°Ô Á¶ÀÛµÈ Office ÆÄÀÏÀ» ¿­µµ·Ï À¯µµÇÏ¿©,
·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É
o °ü·ÃÃë¾àÁ¡ :
- RTF Stack Buffer Overflow Vulnerability - CVE-2010-3333
- Office Art Drawing Records Vulnerability - CVE-2010-3334
- Drawing Exception Handling Vulnerability - CVE-2010-3335
- MSO Large SPID Read AV Vulnerability - CVE-2010-3336
- Insecure Library Loading Vulnerability - CVE-2010-3337
o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
o Á߿䵵 : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Microsoft Office XP SP3
- Microsoft Office 2003 SP3
- Microsoft Office 2007 SP2
- Microsoft Office 2010 (32-bit editions)
- Microsoft Office 2010 (64-bit editions)
- Microsoft Office 2004 for Mac[1]
- Microsoft Office 2008 for Mac[1]
- Microsoft Office for Mac 2011
- Open XML File Format Converter for Mac[1]
¡Ø [1] ±Ý¹ø ¾÷µ¥ÀÌÆ®¿¡¼­ ÇØ´ç ¼ÒÇÁÆ®¿þ¾î¿¡ ´ëÇÑ º¸¾È ¾÷µ¥ÀÌÆ®´Â Æ÷ÇÔµÇÁö ¾ÊÀ½
o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Microsoft Office Compatibility Pack for Word, Excel,
and PowerPoint 2007 File Formats SP2
- Microsoft Word Viewer
- Microsoft Excel Viewer SP2
- Microsoft PowerPoint Viewer SP2
- Microsoft Visio 2007 Viewer SP2
- Microsoft Visio 2010 Viewer
- Microsoft Works 9

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-087.mspx




[MS10-088] Microsoft PowerPoint Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦Á¡

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
o Microsoft PowerPoint°¡ PowerPoint ÆÄÀÏÀ» ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ÀÌ Á¸Àç
o °ø°ÝÀÚ´Â Microsoft PowerPoint¿¡¼­ Ư¼öÇÏ°Ô Á¶ÀÛµÈ PowerPointÆÄÀÏÀ» ¿­µµ·Ï À¯µµÇÏ¿©,
·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É
o °ü·ÃÃë¾àÁ¡ :
- PowerPoint Parsing Buffer Overflow Vulnerability - CVE-2010-2572
- PowerPoint Integer Underflow Causes Heap Corruption Vulnerability - CVE-2010-2573
o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Microsoft Office XP SP3
- Microsoft Office 2003 SP3
- Microsoft Office 2004 for Mac[1]
- Microsoft PowerPoint Viewer SP2
¡Ø [1] ±Ý¹ø ¾÷µ¥ÀÌÆ®¿¡¼­ ÇØ´ç ¼ÒÇÁÆ®¿þ¾î¿¡ ´ëÇÑ º¸¾È ¾÷µ¥ÀÌÆ®´Â Æ÷ÇÔµÇÁö ¾ÊÀ½
o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Microsoft PowerPoint 2007 SP2
- Microsoft PowerPoint 2010 (32-bit editions)
- Microsoft PowerPoint 2010 (64-bit editions)
- Microsoft Office 2008 for Mac
- Microsoft Office for Mac 2011
- Open XML File Format Converter for Mac
- Microsoft Office Compatibility Pack for Word, Excel,
and PowerPoint 2007 File Formats SP2
- Microsoft Works 9

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS10-088.mspx




[MS10-089] Forefront Unified Access Gateway (UAG) Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ»ó½Â ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ÇØ´ç ½Ã½ºÅÛ »ç¿ëÀڷκÎÅÍ Á¤º¸¸¦ À¯ÃâÇÒ ¼ö ÀÖÀ½

¡à ¼³¸í
o UAG À¥ ÀÎÅÍÆäÀ̽º¿¡¼­ ¿ÜºÎ À¥»çÀÌÆ®·ÎÀÇ ¸®´ÙÀÌ·º¼Ç¿¡ ´ëÇÑ °ËÁõÀÌ ÀûÀýÇÏ°Ô Ã³¸®µÇÁö
¾Ê¾Æ »ç¿ëÀÚ°¡ ÀǵµÇÏÁö ¾ÊÀº À¥»çÀÌÆ®·Î Á¢¼ÓµÉ ¼ö ÀÖ´Â Ãë¾àÁ¡ Á¸Àç
¡Ø Forefront Unified Access Gateway (UAG) : »ç³» Á÷¿ø°ú ÆÄÆ®³Ê, º¥´õ µîÀÌ ¿ÜºÎ¿¡¼­
±â¾÷ ³»ºÎ ½Ã½ºÅÛ¿¡ À¥ ºê¶ó¿ìÀú¸¦ ÀÌ¿ëÇÏ¿© ¾ÈÀüÇÏ°Ô Á¢±ÙÇÒ ¼ö ÀÖµµ·Ï ÇÏ´Â ¼Ö·ç¼Ç
o °ø°ÝÀÚ´Â UAG ¼­¹ö »ç¿ëÀÚ°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ UAG URLÀ» Ŭ¸¯Çϵµ·Ï À¯µµÇÏ¿© °ø°ÝÀÚ°¡ ÀÓÀÇ·Î
¼³Ä¡ÇÑ Çǽ̻çÀÌÆ®·Î Á¢¼ÓÀ¯µµ °¡´É
o °ø°ÝÀÚ°¡ ÀÓÀÇÀÇ ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÒ ¼ö ÀÖ´Â XSS Ãë¾àÁ¡ÀÌ UAG¿¡ Á¸Àç
¡Ø Cross-site Scripting (XSS) : À¥ÆäÀÌÁö¿¡ ¾ÇÀÇÀûÀÎ ½ºÅ©¸³Æ®¸¦ »ðÀÔÇÏ¿© »ç¿ëÀÚ°¡ ÇØ´ç
ÆäÀÌÁö ¿­¶÷ ½Ã ½ºÅ©¸³Æ®°¡ ½ÇÇàµÇµµ·Ï ÇÏ´Â ÇØÅ· ±â¹ý
o °ø°ÝÀÚ´Â »ç¿ëÀÚ ºê¶ó¿ìÀú¿¡¼­ ÀÓÀÇÀÇ ½ºÅ©¸³Æ®°¡ ½ÇÇàµÇµµ·Ï ÇÏ¿© µ¥ÀÌÅÍ º¯Á¶ ¹× »ç¿ëÀÚ
Á¤º¸À¯Ãâ °¡´É
o °ü·ÃÃë¾àÁ¡ :
- UAG Redirection Spoofing Vulnerability - CVE-2010-2732
- UAG XSS Allows EOP Vulnerability - CVE-2010-2733
- XSS Issue on UAG Mobile Portal Website in Forefront Unified Access Gateway
Vulnerability - CVE-2010-2734
- XSS in Signurl.asp Vulnerability - CVE-2010-3936
o ¿µÇâ : ±ÇÇÑ»ó½Â
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Forefront Unified Access Gateway 2010[1]
- Forefront Unified Access Gateway 2010 Update 1[1]
- Forefront Unified Access Gateway 2010 Update 2[1]
¡Ø [1] ÇØ´ç ¼ÒÇÁÆ®¿þ¾î¿¡ ´ëÇÑ ¾÷µ¥ÀÌÆ®´Â Microsoft Download Center¸¦ ÅëÇØ¼­¸¸ °¡´É

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-089.mspx

º¸¾ÈÆÐÄ¡
ÃÑ 174 °Ç
¹øÈ£ Á¦¸ñ µî·ÏÀÏ Á¶È¸¼ö
174 MS 2¿ù º¸¾È À§Çù¿¡ µû¸¥ Á¤±â º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í 2021-02-24 567
173 À©µµ¿ì RDP ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í 2019-05-16 33664
172 WannaCry(¿ö³ÊÅ©¶óÀÌ) ·£¼¶¿þ¾î ´ëÀÀ ¹æ¹ý ¾È³» 2017-05-15 19876
171 OpenSSL ±ä±Þ º¸¾È ¾÷µ¥ÀÌÆ® 2016-03-03 22484
170 À±ÃÊ(Leap Second) °ü·Ã ¹ö±× ³»¿ë ¹× ´ëÀÀ ¹æ¾È ¾È³» 2015-06-26 24403
169 HTTP.sys ¿ø°ÝÄÚµå ½ÇÇà Ãë¾àÁ¡ 2015-04-17 21431
168 ¸®´ª½º Ghost Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í 2015-01-29 21131
167 Apache Struts 2 ¿ø°ÝÄÚµå ½ÇÇà Ãë¾àÁ¡ º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í 2013-07-22 29593
166 ±¹³» °ø°³ À¥ °Ô½ÃÆÇ(±×´©º¸µå) º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í 2011-04-28 34388
165 MS Internet Explorer ½Å±Ô ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ ÁÖÀÇ - 2010-12-22 2010-12-22 36635
164 ±¹³» °ø°³ À¥ °Ô½ÃÆÇ(Á¦·Îº¸µå) Ãë¾àÁ¡ ÁÖÀÇ - 2010-12-22 2010-12-22 33804
163 [MS º¸¾È¾÷µ¥ÀÌÆ®]2010³â 12¿ù MS Á¤±â º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í - 2010-12-15 2010-12-15 30524
162 ¾ÖÇà ÄüŸÀÓ Ç÷¹ÀÌ¾î º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í - 2010-12-09 2010-12-09 29015
161 Adobe Reader/Acrobat Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í - 2010-11-17 2010-11-17 26390
=> [MS º¸¾È¾÷µ¥ÀÌÆ®]2010³â 11¿ù MS Á¤±â º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í - 2010-11-10 2010-11-10 25512
159 Adobe Flash Player ´ÙÁß Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í - 2010-11-05 2010-11-05 26147
158 Mozilla Firefox ¹× Thunderbird º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í - 2010-10-28 2010-10-28 25698
157 Adobe Shockwave Player ½Å±Ô Ãë¾àÁ¡ ÁÖÀÇ - 2010-10-22 2010-10-22 25838
  [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]  
1