°øÁö»çÇ×
º¸¾ÈÆÐÄ¡
°áÁ¦¹æ¹ý¾È³»
¼­ºñ½º ÀÌ¿ë¾à°ü
°³ÀÎÁ¤º¸Ãë±Þ¹æÄ§
ÀÚÁÖ¹¯´ÂÁú¹®
±â¼ú°¡À̵å
¹®ÀÇÇϱâ
º¸¾ÈÆÐÄ¡
Á¦ ¸ñ [MS º¸¾È¾÷µ¥ÀÌÆ®]2010³â 12¿ù MS Á¤±â º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í - 2010-12-15
ÀÛ¼ºÀÚ Çϳª·ÎÈ£½ºÆÃ ( hosting@hhosting.co.kr ) µî·ÏÁ¤º¸ 2010-12-15 11:04:00 Á¶È¸¼ö 30525
[MS10-090] Internet Explorer ´©Àû º¸¾È ¾÷µ¥ÀÌÆ®

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É

¡à ¼³¸í
o °ø°³µÈ Ãë¾àÁ¡ 3°³¸¦ Æ÷ÇÔÇÑ ÃÑ 7°³ÀÇ Ãë¾àÁ¡¿¡ ´ëÇÑ º¸¾È¾÷µ¥ÀÌÆ®
o °ø°ÝÀÚ°¡ Ư¼öÇÏ°Ô Á¶ÀÛÇÑ À¥ÆäÀÌÁö¸¦ ÀÌ¿ëÀÚ°¡ Internet Explorer¸¦ ÀÌ¿ëÇÏ¿© ¿­¶÷ÇÒ °æ¿ì,
·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É
o °ü·ÃÃë¾àÁ¡ :
- HTML Object Memory Corruption Vulnerability - CVE-2010-3340
- Cross-Domain Information Disclosure Vulnerability - CVE-2010-3342
- HTML Object Memory Corruption Vulnerability - CVE-2010-3343
- HTML Element Memory Corruption Vulnerability - CVE-2010-3345
- HTML Element Memory Corruption Vulnerability - CVE-2010-3346
- Cross-Domain Information Disclosure Vulnerability - CVE-2010-3348
- Uninitialized Memory Corruption Vulnerability - CVE-2010-3962
o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
o Á߿䵵 : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Internet Explorer 6 with Windows XP SP3
- Internet Explorer 6 with Windows Pro x64 SP2
- Internet Explorer 6 with Windows Server 2003Sp2
- Internet Explorer 6 with Windows Server 2003 x64 SP2
- Internet Explorer 6 with Windows Server 2003 SP2 for Itanium-based Systems
- Internet Explorer 7 with Windows XP SP3
- Internet Explorer 7 with Windows Pro x64 SP2
- Internet Explorer 7 with Windows Server 2003 SP2
- Internet Explorer 7 with Windows Server 2003 x64 SP2
- Internet Explorer 7 with Windows Server 2003 SP2 for Itanium-based Systems
- Internet Explorer 7 with Windows Vista SP1, SP2
- Internet Explorer 7 with Windows Vista x64 SP1, SP2
- Internet Explorer 7 with Windows Server 2008, SP2
- Internet Explorer 7 with Windows Server 2008 x64, SP2
- Internet Explorer 7 with Windows Server for Itanium-based Systems, SP2
- Internet Explorer 8 with Windows XP SP3
- Internet Explorer 8 with Windows XP Pro x64 SP2
- Internet Explorer 8 with Windows Server 2003 SP2
- Internet Explorer 8 with Windows Server 2003 x64 SP2
- Internet Explorer 8 with Windows Vista SP1, SP2
- Internet Explorer 8 with Windows Vista x64 SP1, SP2
- Internet Explorer 8 with Windows Server 2008 SP1, SP2
- Internet Explorer 8 with Windows Server 2008 x64 SP1, SP2
- Internet Explorer 8 with Windows 7
- Internet Explorer 8 with Windows 7 x64
- Internet Explorer 8 with Windows Server 2008 R2 for x64
- Internet Explorer 8 with Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-090.mspx


[MS10-091] Open Type Font µå¶óÀ̹ö Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦Á¡

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
o Open Type Font µå¶óÀ̹ö¿¡ Á¸ÀçÇÏ´Â ´Ù¼öÀÇ Ãë¾àÁ¡¿¡ ´ëÇÑ º¸¾È ¾÷µ¥ÀÌÆ®
¡Ø Open Type Font : MS À©µµ¿ì¿Í ¾ÖÇà MAC ¿î¿µÃ¼°è¿¡¼­ »ç¿ëµÇ´Â Æ®·çŸÀÔ ÆùÆ® ÆÄÀÏ
Çü½ÄÀ» È®ÀåÇÑ ±Û²Ã ÆÄÀÏ Çü½Ä
o Open Type Font µå¶óÀ̹ö°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ Open Type font ÆÄÀÏÀ» ó¸®ÇÏ´Â °úÁ¤¿¡¼­
¹ß»ýÇÏ´Â ¿À·ù·Î ÀÓÀÇÀÇ ÄÚµå½ÇÇàÀÌ °¡´É
o °ü·ÃÃë¾àÁ¡ :
- OpenType Font Index Vulnerability - CVE-2010-3956
- OpenType Font Double Free Vulnerability - CVE-2010-3957
- OpenType CMAP Table Vulnerability - CVE-2010-3959
o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
o Á߿䵵 : ±ä±Þ

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista SP1, SP2
- Windows Vista x64 Edition SP1, SP2
- Windows Server 2008 for 32-bit Systems, SP2
- Windows Server 2008 for x64-based Systems, SP2
- Windows Server 2008 for Itanium-based Systems, SP2
- Windows 7 for 32-bit Systems
- Windows 7 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems
- Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/Bulletin/MS10-091.mspx


[MS10-092] Task Scheduler Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ»ó½Â ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
o Task Scheduler°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀ» ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ¹ß»ýÇÏ´Â Ãë¾àÁ¡À¸·Î
Á¦ÇÑµÈ ±ÇÇÑÀÇ °èÁ¤À¸·Î ·Î±×ÀÎÇÑ °ø°ÝÀÚ°¡ ±ÇÇÑ»ó½ÂÀ» ÅëÇØ °ü¸®ÀÚ ±ÇÇÑÀ» ȹµæÇÒ ¼ö ÀÖÀ½
o °ø°ÝÀÚ´Â ¿ø°Ý ¶Ç´Â Anonymous °èÁ¤À¸·Î °ø°ÝÇÒ ¼ö ¾øÀ¸¸ç ¹Ýµå½Ã ·ÎÄÿ¡¼­ ·Î±×ÀÎµÈ »óÅÂ
¿¡¼­¸¸ °ø°ÝÀÌ °¡´É
o °ü·ÃÃë¾àÁ¡ :
- Task Scheduler Vulnerability - CVE-2010-3338
o ¿µÇâ : ±ÇÇÑ»ó½Â
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Windows Vista SP1, SP2
- Windows Vista x64 Edition SP 1, SP2
- Windows Server 2008 for 32-bit Systems, SP2*
- Windows Server 2008 for x64-based Systems, SP2*
- Windows Server 2008 for Itanium-based Systems, SP2
- Windows 7 for 32-bit Systems
- Windows 7 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems
- Windows Server 2008 R2 for Itanium-based Systems

o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP SP3
- Windows XP Professional x64 Edition SP 2
- Windows Server 2003 SP 2
- Windows Server 2003 x64 Edition SP 2
- Windows Server 2003 with SP2 for Itanium-based Systems

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-092.mspx


[MS10-093] Movie Maker Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
o Windows Movie Maker°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¶óÀ̺귯¸® ÆÄÀÏÀ» ·ÎµåÇÒ ¶§ ¹ß»ýÇÏ´Â ¿À·ù¸¦ ÅëÇØ
ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É
o °ø°ÝÀ» À§Çؼ­´Â °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛÇÑ ¶óÀ̺귯¸® ÆÄÀϰú ÇÔ²² Á¤»ó Movie Maker ÆÄÀÏÀ»
µ¿ÀÏÇÑ ³×Æ®¿öÅ© µð·ºÅ͸®¿¡ À§Ä¡½ÃŲ ÈÄ, ÀÌ¿ëÀÚ°¡ Movie Maker ÆÄÀÏÀ» ¿­¶÷Çϵµ·Ï À¯µµÇÔ
À¸·Î½á ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ
o °ü·ÃÃë¾àÁ¡ :
- Insecure Library Loading Vulnerability - CVE-2010-3967
o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Windows Vista SP 1, SP 2
- Windows Vista x64 Edition SP 1,SP 2
o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP SP 3
- Windows XP Pro x64 SP2
- Windows XP Pro x64 Edition SP 2
- Windows Server 2003 SP 2
- Windows Server 2003 x64 SP 2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Server 2008 for 32-bit Systems, SP 2
- Windows Server 2008 for x64-based Systems, SP2
- Windows Server 2008 for Itanium-based Systems, SP2
- Windows 7 for 32-bit Systems
- Windows 7 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems
- Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-093.mspx


[MS10-094] Media Encoder Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
o Windows Media Encoder°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¶óÀ̺귯¸® ÆÄÀÏÀ» ·ÎµåÇÒ ¶§ ¹ß»ýÇÏ´Â Ãë¾àÁ¡À¸·Î
ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É
o °ø°ÝÀ» À§Çؼ­´Â °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛÇÑ ¶óÀ̺귯¸® ÆÄÀϰú ÇÔ²² Á¤»ó Windows Media Profile
ÆÄÀÏÀ» µ¿ÀÏÇÑ ³×Æ®¿öÅ© µð·ºÅ͸®¿¡ À§Ä¡½ÃŲ ÈÄ, ÀÌ¿ëÀÚ°¡ ÆÄÀÏÀ» ¿­¶÷Çϵµ·Ï À¯µµÇÔÀ¸·Î½á ¿µÇâ
¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ
o °ü·ÃÃë¾àÁ¡ :
- Insecure Library Loading Vulnerability - CVE-2010-3965
o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Vista SP1 and Windows Vista SP2
- Windows Vista x64 Edition SP1, Windows Vista x64 Edition SP2
- Windows Server 2008 for 32-bit Systems, SP2
- Windows Server 2008 for x64-based Systems, SP2
o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Server 2008 for Itanium-based Systems, SP2
- Windows 7 for 32-bit Systems
- Windows 7 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems
- Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-094.mspx


[MS10-095] À©µµ¿ì Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
o À©µµ¿ì°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¶óÀ̺귯¸® ÆÄÀÏÀ» ·ÎµåÇÒ ¶§ ¹ß»ýÇÏ´Â Ãë¾àÁ¡À¸·Î ÀÓÀÇÀÇ ÄÚµå
½ÇÇà °¡´É
o °ø°ÝÀ» À§Çؼ­´Â °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛÇÑ ¶óÀ̺귯¸® ÆÄÀϰú ÇÔ²² Á¤»ó E-mail(.eml),
Windows Live Mail(.rss), Mocrosoft Live Writer(.wpost) ÆÄÀÏÀ» µ¿ÀÏÇÑ ³×Æ®¿öÅ©
µð·ºÅ͸®¿¡ À§Ä¡½ÃŲ ÈÄ, ÀÌ¿ëÀÚ°¡ ÆÄÀÏÀ» ¿­¶÷Çϵµ·Ï À¯µµÇÔÀ¸·Î½á ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡
´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ
o °ü·ÃÃë¾àÁ¡ :
- BranchCache Insecure Library Loading Vulnerability - CVE-2010-3966
o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Windows 7 for 32-bit Systems
- Windows 7 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems*
- Windows Server 2008 R2 for Itanium-based Systems
o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista SP1, SP2
- Windows Vista x64 Edition SP1, SP2
- Windows Server 2008 for 32-bit Systems, SP2
- Windows Server 2008 for x64-based Systems, SP2
- Windows Server 2008 for Itanium-based Systems, SP2

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-095.mspx


[MS10-096] Address Book Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
o Windows Address BookÀÌ Æ¯¼öÇÏ°Ô Á¶ÀÛµÈ ¶óÀ̺귯¸® ÆÄÀÏÀ» ·ÎµåÇÒ ¶§ ¹ß»ýÇÏ´Â Ãë¾àÁ¡À¸·Î
ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É
o °ø°ÝÀ» À§Çؼ­´Â °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛÇÑ ¶óÀ̺귯¸® ÆÄÀϰú ÇÔ²² Á¤»ó Windows Address
Book ÆÄÀÏÀ» µ¿ÀÏÇÑ ³×Æ®¿öÅ© µð·ºÅ͸®¿¡ À§Ä¡½ÃŲ ÈÄ, ÀÌ¿ëÀÚ°¡ ÆÄÀÏÀ» ¿­¶÷Çϵµ·Ï À¯µµÇÔ
À¸·Î½á ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ
o °ü·ÃÃë¾àÁ¡ :
- Insecure Library Loading Vulnerability - CVE-2010-3147
o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista SP1 and Windows Vista SP2
- Windows Vista x64 Edition SP1, SP2
- Windows Server 2008 for 32-bit Systems, SP2
- Windows Server 2008 for x64-based Systems, SP2
- Windows Server 2008 for Itanium-based Systems, SP2
- Windows 7 for 32-bit Systems
- Windows 7 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems
- Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-096.mspx


[MS10-097] Internet Connection Signup Wizard Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
o Internet Connection Signup Wizard°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¶óÀ̺귯¸® ÆÄÀÏÀ» ·ÎµåÇÒ ¶§ ¹ß»ýÇÏ´Â
Ãë¾àÁ¡À¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É
o °ø°ÝÀ» À§Çؼ­´Â °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛÇÑ ¶óÀ̺귯¸® ÆÄÀϰú ÇÔ²² .isp ÆÄÀÏÀ» µ¿ÀÏÇÑ ³×Æ®¿öÅ©
µð·ºÅ͸®¿¡ À§Ä¡½ÃŲ ÈÄ, ÀÌ¿ëÀÚ°¡ ÆÄÀÏÀ» ¿­¶÷Çϵµ·Ï À¯µµÇÔÀ¸·Î½á ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ
¿ÏÀüÇÑ ±ÇÇÑ È¹µæ
o °ü·ÃÃë¾àÁ¡ :
- Internet Connection Signup Wizard Insecure Library Loading Vulnerability - CVE-2010-3144
o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 with SP2 for Itanium-based Systems
o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Windows Vista SP1, SP2
- Windows Vista x64 Edition SP1, SP2
- Windows Server 2008 for 32-bit Systems, SP2
- Windows Server 2008 for x64-based Systems, SP2
- Windows Server 2008 for Itanium-based Systems, SP2
- Windows 7 for 32-bit Systems
- Windows 7 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems
- Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-097.mspx


[MS10-098] Kernel-Mode µå¶óÀ̹ö Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ»ó½Â ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
o Windows Kernel-Mode µå¶óÀ̹ö°¡ ºÎÀûÀýÇÏ°Ô ¸Þ¸ð¸®¸¦ ÇÒ´çÇÏ´Â °úÁ¤¿¡¼­ ¹ß»ýÇÏ´Â
Ãë¾àÁ¡À¸·Î °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀ» Á¦ÇÑµÈ ±ÇÇÑÀÇ °èÁ¤À¸·Î ·Î±×ÀÎÇÑ
»óÅ¿¡¼­ ½ÇÇàÇÏ¿© ±ÇÇÑ»ó½ÂÀ» ÅëÇØ °ü¸®ÀÚ ±ÇÇÑÀ» ȹµæÇÒ ¼ö ÀÖÀ½
o °ø°ÝÀÚ´Â ¿ø°Ý ¶Ç´Â Anonymous °èÁ¤À¸·Î °ø°ÝÇÒ ¼ö ¾øÀ¸¸ç ¹Ýµå½Ã ·ÎÄÿ¡¼­ ·Î±×ÀεÈ
»óÅ¿¡¼­¸¸ °ø°ÝÀÌ °¡´É
o °ü·ÃÃë¾àÁ¡ :
- TWin32k Buffer Overflow Vulnerability - CVE-2010-3939
- Win32k PFE Pointer Double Free Vulnerability - CVE-2010-3940
- Win32k Double Free Vulnerability - CVE-2010-3941
- Win32k WriteAV Vulnerability - CVE-2010-3942
- Win32k Cursor Linking Vulnerability- CVE-2010-3943
- Win32k Memory Corruption Vulnerability - CVE-2010-3944
o ¿µÇâ : ±ÇÇÑ»ó½Â
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista SP1 and Windows Vista SP2
- Windows Vista x64 Edition SP1, SP2
- Windows Server 2008 for 32-bit Systems, SP2
- Windows Server 2008 for x64-based Systems, SP2
- Windows Server 2008 for Itanium-based Systems, SP2
- Windows 7 for 32-bit Systems
- Windows 7 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems
- Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-098.mspx


[MS10-099] Routing ¹× Remote Access NDProxy ÄÄÆ÷³ÍÆ® Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ»ó½Â ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
o À©µµ¿ì Ä¿³ÎÀÇ NDProxy ÄÄÆ÷³ÍÆ®°¡ ÀÔ·ÂÀ» Á¤»óÀûÀ¸·Î ó¸®ÇÏÁö ¸øÇØ ¹ß»ýÇÏ´Â Ãë¾àÁ¡À¸·Î
°ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀ» Á¦ÇÑµÈ ±ÇÇÑÀÇ °èÁ¤À¸·Î ·Î±×ÀÎÇÑ »óÅ¿¡¼­ ½ÇÇà
ÇÏ¿© ±ÇÇÑ»ó½ÂÀ» ÅëÇØ °ü¸®ÀÚ ±ÇÇÑÀ» ȹµæÇÒ ¼ö ÀÖÀ½
o °ø°ÝÀÚ´Â ¿ø°Ý ¶Ç´Â Anonymous °èÁ¤À¸·Î °ø°ÝÇÒ ¼ö ¾øÀ¸¸ç ¹Ýµå½Ã ·ÎÄÿ¡¼­ ·Î±×ÀÎµÈ »óÅÂ
¿¡¼­¸¸ °ø°ÝÀÌ °¡´É
o °ü·ÃÃë¾àÁ¡ :
- Kernel NDProxy Buffer Overflow Vulnerability - CVE-2010-3963
o ¿µÇâ : ±ÇÇÑ»ó½Â
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 with SP2 for Itanium-based Systems
o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Windows Vista SP1 and Windows Vista SP2
- Windows Vista x64 Edition SP1, SP2
- Windows Server 2008 for 32-bit Systems, SP2
- Windows Server 2008 for x64-based System, SP2
- Windows Server 2008 for Itanium-based Systems, SP2
- Windows 7 for 32-bit Systems
- Windows 7 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems
- Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-099.mspx


[MS10-100] Consent User Interface Ãë¾àÁ¡À¸·Î ÀÎÇÑ ±ÇÇÑ»ó½Â ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
o Consent User Interface°¡ ·¹Áö½ºÆ®¸®·ÎºÎÅÍ ÀÐÀº °ªÀ» ÀûÀýÇÏ°Ô Ã³¸®ÇÏÁö ¸øÇØ ¹ß»ýÇÏ´Â
Ãë¾àÁ¡À¸·Î °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¾îÇø®ÄÉÀ̼ÇÀ» Á¦ÇÑµÈ ±ÇÇÑÀÇ °èÁ¤À¸·Î ·Î±×ÀÎÇÑ
»óÅ¿¡¼­ ½ÇÇàÇÏ¿© °ü¸®ÀÚ±ÇÇÑÀ¸·Î ±ÇÇÑ»ó½Â
¡Ø Consent User Interface : µ¿ÀÇ È®ÀΠâ, Vista µî¿¡¼­ °ü¸®ÀÚ °èÁ¤ÀÌ ÇÊ¿äÇÑ ÇÁ·Î±×·¥À»
½ÇÇàÇÒ °æ¿ì »ç¿ëÀÚ¿¡°Ô µ¿ÀǸ¦ ±¸ÇÒ ¶§ ÀÌ¿ë
o °ø°ÝÀÚ´Â ¿ø°Ý ¶Ç´Â Anonymous °èÁ¤À¸·Î °ø°ÝÇÒ ¼ö ¾øÀ¸¸ç ¹Ýµå½Ã ·ÎÄÿ¡¼­ ·Î±×ÀÎµÈ »óÅÂ
¿¡¼­¸¸ °ø°ÝÀÌ °¡´É
o °ü·ÃÃë¾àÁ¡ :
- Consent UI Impersonation Vulnerability - CVE-2010-3961
o ¿µÇâ : ±ÇÇÑ»ó½Â
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Windows Vista SP1 and Windows Vista SP2
- Windows Vista x64 Edition SP1, SP2
- Windows Server 2008 for 32-bit Systems, SP2
- Windows Server 2008 for x64-based Systems, SP2
- Windows Server 2008 for Itanium-based Systems, SP2
- Windows 7 for 32-bit Systems
- Windows 7 for x64-based Systems
- Windows Server 2008 R2 for x64-based Systems
- Windows Server 2008 R2 for Itanium-based Systems
o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 with SP2 for Itanium-based Systems

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-100.mspx


[MS10-101] Netlogon ¼­ºñ½º Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¼­ºñ½º°ÅºÎ ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¼­ºñ½º°ÅºÎ »óÅ·Π¸¸µé ¼ö ÀÖÀ½

¡à ¼³¸í
o Netlogon RPC ¼­ºñ½º°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ RPC ÆÐŶÀ» ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ¹ß»ýÇÏ´Â °úÁ¤¿¡¼­
¼­ºñ½º°ÅºÎ Ãë¾àÁ¡ÀÌ ¹ß»ý
o °ø°ÝÀÚ´Â °ø°Ý´ë»ó°ú µ¿ÀÏÇÑ µµ¸ÞÀο¡ Á¸ÀçÇÏ´Â ÀåºñÀÇ °ü¸®ÀÚ±ÇÇÑÀ» Áö´Ñ »óÅ¿¡¼­¸¸ °ø°ÝÀÌ
°¡´É
o °ü·ÃÃë¾àÁ¡ :
- Netlogon RPC Null dereference DOS Vulnerability - CVE-2010-2742
o ¿µÇâ : ¼­ºñ½º°ÅºÎ
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Server 2008 for 32-bit Systems, SP2
- Windows Server 2008 for x64-based Systems, SP2
- Windows Server 2008 R2 for x64-based Systems
o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Vista SP1 and Windows Vista SP2
- Windows Vista x64 Edition SP1, SP2
- Windows Server 2008 for Itanium-based Systems, SP2
- Windows 7 for 32-bit Systems
- Windows 7 for x64-based Systems
- Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-101.mspx


[MS10-102] Hyper-V Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¼­ºñ½º°ÅºÎ ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¼­ºñ½º°ÅºÎ »óÅ·Π¸¸µé ¼ö ÀÖÀ½

¡à ¼³¸í
o Hyper-V°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ VMBus ÆÐŶÀ» ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ¹ß»ýÇÏ´Â °úÁ¤¿¡¼­ ¼­ºñ½º°ÅºÎ
Ãë¾àÁ¡ÀÌ ¹ß»ý
¡Ø Hyper-V : À©µµ¿ì ¼­¹ö °¡»óÈ­¶ó´Â À̸§À¸·Î ¾Ë·ÁÁø MSÞäÀÇ °¡»óÈ­ ½Ã½ºÅÛ
o °ø°ÝÀÚ´Â ¿ø°Ý ¶Ç´Â Anonymous °èÁ¤À¸·Î °ø°ÝÇÒ ¼ö ¾øÀ¸¸ç ¹Ýµå½Ã ·ÎÄÿ¡¼­ ·Î±×ÀÎµÈ »óÅÂ
¿¡¼­¸¸ °ø°ÝÀÌ °¡´É
o °ü·ÃÃë¾àÁ¡ :
- Hyper-V VMBus Vulnerability - CVE-2010-3960
o ¿µÇâ : ¼­ºñ½º°ÅºÎ
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based
Systems SP2
- Windows Server 2008 R2 for x64-based Systems
o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Windows XP SP3
- Windows XP Professional x64 Edition SP2
- Windows Server 2003 SP2
- Windows Server 2003 x64 Edition SP2
- Windows Server 2003 with SP2 for Itanium-based Systems
- Windows Vista SP1 and Windows Vista SP2
- Windows Vista x64 Edition SP1, SP2
- Windows Server 2008 for 32-bit Systems, SP2
- Windows Server 2008 for Itanium-based Systems, SP2
- Windows 7 for 32-bit Systems
- Windows 7 for x64-based Systems
- Windows Server 2008 R2 for Itanium-based Systems

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-102.mspx


[MS10-103] MS Publisher Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇà

¡à ¼³¸í
o MS Publisher°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ Publisher ÆÄÀÏÀ» ó¸®ÇÒ ¶§ ¹ß»ýÇÏ´Â Ãë¾àÁ¡À¸·Î °ø°Ý
¼º°ø½Ã ·Î±×¿Â »ç¿ëÀÚ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇà °¡´É
¡Ø Publisher : MS ¿ÀÇǽºÀÇ Ãß°¡ ÇÁ·Î±×·¥Áß Çϳª·Î À¥µðÀÚÀΰú ÀüÀÚÃâÆÇ ¿¹Á¦µéÀ» Á¦°ø
o °ü¸®ÀÚ ±ÇÇÑÀ¸·Î ·Î±×ÀÎÇÑ °æ¿ì ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇÑ ¿Ïº®ÇÑ ±ÇÇÑ È¹µæ
o °ü·ÃÃë¾àÁ¡ :
- Size Value Heap Corruption in pubconv.dll Vulnerability - CVE-2010-2569
- Heap Overrun in pubconv.dll Vulnerability - CVE-2010-2570
- Memory Corruption Due To Invalid Index Into Array in Pubconv.dll Vulnerability - CVE-
2010-2571
- Microsoft Publisher Memory Corruption Vulnerability - CVE-2010-3954
- Array Indexing Memory Corruption Vulnerability - CVE-2010-3955
o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Microsoft Office XP SP3
- Microsoft Office 2003 SP3
- Microsoft Office 2007 SP2
- Microsoft Office 2010 (32-bit editions)
- Microsoft Office 2010 (64-bit editions)

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-103.mspx


[MS10-104] MS SharePoint Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ Guest °èÁ¤ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ÄÚµå ½ÇÇà

¡à ¼³¸í
o MS SharePointÀÇ Document Conversions Launcher Service°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ SOAP ¿äûÀ»
ó¸®ÇÒ ¶§ ¹ß»ýÇÏ´Â Ãë¾àÁ¡À¸·Î °ø°Ý¼º°ø½Ã Guest °èÁ¤ ±ÇÇÑÀ¸·Î ÀÓÀÇÀÇ ÄÚµå½ÇÇà °¡´É
¡Ø SharePoint : Á¤º¸ °øÀ¯, ¹®¼­°ü¸® µîÀ» ÅëÇÑ °øµ¿ ÀÛ¾÷À» ÇÒ ¼ö ÀÖµµ·Ï µ½´Â MSÞäÀÇ ¼Ö·ç¼Ç
o °ü·ÃÃë¾àÁ¡ :
- Malformed Request Code Execution Vulnerability - CVE-2010-3964
o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Microsoft Office SharePoint Server 2007 SP2 (32-bit editions)
- Microsoft Office SharePoint Server 2007 SP2 (64-bit editions)

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-104.mspx


[MS10-105] MS Office Graphics Filter Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¿ø°ÝÄÚµå½ÇÇà ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¿ÏÀüÇÑ ±ÇÇÑ È¹µæ

¡à ¼³¸í
o °ø°³µÇÁö ¾ÊÀº 7°³ÀÇ Ãë¾àÁ¡À» ÇØ°áÇÏ´Â º¸¾È¾÷µ¥ÀÌÆ®
o MS Office Graphics Filter°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ À̹ÌÁö ÆÄÀÏÀ» ó¸®ÇÒ ¶§ ¹ß»ýÇÏ´Â Ãë¾àÁ¡À¸·Î
°ø°Ý¼º°ø½Ã ÀÓÀÇÀÇ ÄÚµå½ÇÇà °¡´É
o °ü·ÃÃë¾àÁ¡ :
- CGM Image Converter Buffer Overrun Vulnerability - CVE-2010-3945
- PICT Image Converter Integer Overflow Vulnerability - CVE-2010-3946
- TIFF Image Converter Heap Overflow Vulnerability - CVE-2010-3947
- TIFF Image Converter Buffer Overflow Vulnerability - CVE-2010-3949
- TIFF Image Converter Memory Corruption Vulnerability - CVE-2010-3950
- FlashPix Image Converter Buffer Overflow Vulnerability - CVE-2010-3951
- FlashPix Image Converter Heap Corruption Vulnerability - CVE-2010-3952
o ¿µÇâ : ¿ø°ÝÄÚµå½ÇÇà
o Á߿䵵 : Áß¿ä

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Microsoft Office XP SP3
- Microsoft Office 2003 SP3
- Microsoft Office 2007 SP2
- Microsoft Office 2010 (32-bit editions)
- Microsoft Office 2010 (64-bit editions)
- Microsoft Office Converter Pack
- Microsoft Works 9
o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î
- Microsoft Office 2004 for Mac
- Microsoft Office 2008 for Mac
- Microsoft Office for Mac 2011
- Open XML File Format Converter for Mac
- Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-105.mspx


[MS10-106] MS Exchange Server Ãë¾àÁ¡À¸·Î ÀÎÇÑ ¼­ºñ½º°ÅºÎ ¹®Á¦

¡à ¿µÇâ
o °ø°ÝÀÚ°¡ ¿µÇâ ¹Þ´Â ½Ã½ºÅÛ¿¡ ´ëÇØ ¼­ºñ½º°ÅºÎ »óÅ·Π¸¸µé ¼ö ÀÖÀ½

¡à ¼³¸í
o MS Exchange Server°¡ Ư¼öÇÏ°Ô Á¶ÀÛµÈ RPC CallÀ» ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ¹ß»ýÇÏ´Â °úÁ¤¿¡¼­
¼­ºñ½º°ÅºÎ Ãë¾àÁ¡ÀÌ ¹ß»ý
¡Ø Exchange : ÀüÀÚ¸ÞÀÏ, ÀÏÁ¤, ¿¬¶ôó °ü¸®¸¦ µµ¿ÍÁÖ´Â MSÞäÀÇ ±â¾÷ ¸Þ½Ã¡ ¹× °øµ¿ ÀÛ¾÷
¼Ö·ç¼Ç
o °ü·ÃÃë¾àÁ¡ :
- Exchange Server Infinite Loop Vulnerability - CVE-2010-3937
o ¿µÇâ : ¼­ºñ½º°ÅºÎ
o Á߿䵵 : º¸Åë

¡à ÇØ´ç½Ã½ºÅÛ
o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
- Microsoft Exchange Server 2007 SP2 for x64-based Systems

¡à ÇØ°áÃ¥
o ÇØ´ç ½Ã½ºÅÛ¿¡ ´ëÇÑ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®»çÀÇ Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë

¡à ÂüÁ¶»çÀÌÆ®
o ¿µ¹® : http://www.microsoft.com/technet/security/bulletin/MS10-106.mspx
º¸¾ÈÆÐÄ¡
ÃÑ 174 °Ç
¹øÈ£ Á¦¸ñ µî·ÏÀÏ Á¶È¸¼ö
174 MS 2¿ù º¸¾È À§Çù¿¡ µû¸¥ Á¤±â º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í 2021-02-24 568
173 À©µµ¿ì RDP ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í 2019-05-16 33664
172 WannaCry(¿ö³ÊÅ©¶óÀÌ) ·£¼¶¿þ¾î ´ëÀÀ ¹æ¹ý ¾È³» 2017-05-15 19885
171 OpenSSL ±ä±Þ º¸¾È ¾÷µ¥ÀÌÆ® 2016-03-03 22485
170 À±ÃÊ(Leap Second) °ü·Ã ¹ö±× ³»¿ë ¹× ´ëÀÀ ¹æ¾È ¾È³» 2015-06-26 24404
169 HTTP.sys ¿ø°ÝÄÚµå ½ÇÇà Ãë¾àÁ¡ 2015-04-17 21431
168 ¸®´ª½º Ghost Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í 2015-01-29 21132
167 Apache Struts 2 ¿ø°ÝÄÚµå ½ÇÇà Ãë¾àÁ¡ º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í 2013-07-22 29594
166 ±¹³» °ø°³ À¥ °Ô½ÃÆÇ(±×´©º¸µå) º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í 2011-04-28 34388
165 MS Internet Explorer ½Å±Ô ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ ÁÖÀÇ - 2010-12-22 2010-12-22 36635
164 ±¹³» °ø°³ À¥ °Ô½ÃÆÇ(Á¦·Îº¸µå) Ãë¾àÁ¡ ÁÖÀÇ - 2010-12-22 2010-12-22 33805
=> [MS º¸¾È¾÷µ¥ÀÌÆ®]2010³â 12¿ù MS Á¤±â º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í - 2010-12-15 2010-12-15 30525
162 ¾ÖÇà ÄüŸÀÓ Ç÷¹ÀÌ¾î º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í - 2010-12-09 2010-12-09 29015
161 Adobe Reader/Acrobat Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í - 2010-11-17 2010-11-17 26390
160 [MS º¸¾È¾÷µ¥ÀÌÆ®]2010³â 11¿ù MS Á¤±â º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í - 2010-11-10 2010-11-10 25512
159 Adobe Flash Player ´ÙÁß Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í - 2010-11-05 2010-11-05 26147
158 Mozilla Firefox ¹× Thunderbird º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í - 2010-10-28 2010-10-28 25698
157 Adobe Shockwave Player ½Å±Ô Ãë¾àÁ¡ ÁÖÀÇ - 2010-10-22 2010-10-22 25839
  [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]  
1