Home | Data Center | Contact US | Login

Á¦¸ñ MS À©µµ¿ì µµ¿ò¸» ¹× Áö¿ø ¼¾ÅÍ ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ ÁÖÀÇ
ÀÛ¼ºÀÏ 2010-06-14 11:31:55

¡à °³¿ä
   o À©µµ¿ì µµ¿ò¸» ¹× Áö¿ø ¼¾ÅÍ(helpctr.exe)°¡ HCP ÇÁ·ÎÅäÄÝÀ» »ç¿ëÇÏ´Â URLÀ» ºÎÀûÀýÇÏ°Ô
      °ËÁõÇÔÀ¸·Î ÀÎÇØ ¿ø°ÝÄÚµå½ÇÇà Ãë¾àÁ¡ÀÌ ¹ß»ý [1, 2, 4]
     ¡Ø µµ¿ò¸» ¹× Áö¿ø ¼¾ÅÍ (Help and Support Center) : À©µµ¿ìÀÇ ´Ù¾çÇÑ ±â´É¿¡ ´ëÇÑ µµ¿ò¸»À»
         Á¦°øÇÏ´Â ÀÀ¿ëÇÁ·Î±×·¥
     ¡Ø HCP ÇÁ·ÎÅäÄÝ : "µµ¿ò¸» ¹× Áö¿ø ¼¾ÅÍ"¿¡¼­ URL ¸µÅ©¸¦ ½ÇÇàÇϱâ À§ÇÑ HTTP¿Í À¯»çÇÑ 
         ÇÁ·ÎÅäÄÝ ("http://"´ë½Å¿¡ "hcp://"¶ó´Â Á¢µÎ»ç¸¦ »ç¿ë)
   o °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ÄÜÅÙÆ®·Î ±¸¼ºµÈ ¾ÇÀÇÀûÀÎ À¥ »çÀÌÆ®¸¦ ±¸¼ºÇÑ ÈÄ, ½ºÆÔ ¸ÞÀÏÀ̳ª
      ¸Þ½ÅÀúÀÇ ¸µÅ©¸¦ ÅëÇØ »ç¿ëÀÚ°¡ ÇØ´ç »çÀÌÆ®¿¡ ¹æ¹®Çϵµ·Ï À¯µµÇÏ¿© ¾Ç¼ºÄڵ带 À¯Æ÷ °¡´ÉÇÔ [1]
   o Ãë¾àÁ¡À» °ø°ÝÇÏ´Â °³³äÁõ¸íÄڵ尡 °ø°³[5]µÇ¾úÀ¸¹Ç·Î »ç¿ëÀÚÀÇ °¢º°ÇÑ ÁÖÀÇ°¡ ¿ä±¸µÊ

¡à ÇØ´ç ½Ã½ºÅÛ
   o ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î [1]
     - Windows XP SP2, SP3
     - Windows XP Professional x64 Edition SP2
     - Windows Server 2003 SP2
     - Windows Server 2003 x64 Edition SP2
     - Windows Server 2003 with SP2 for Itanium-based Systems
   o ¿µÇâ ¹ÞÁö ¾Ê´Â ¼ÒÇÁÆ®¿þ¾î [1]
     - Microsoft Windows 2000 SP4
     - Windows Vista SP1, SP2
     - Windows Vista x64 Edition SP1, SP2
     - Windows Server 2008 for 32-bit Systems, SP2
     - Windows Server 2008 for x64-based Systems, SP2
     - Windows Server 2008 for Itanium-based Systems, SP2
     - Windows 7 for 32-bit Systems
     - Windows 7 for x64-based Systems
     - Windows Server 2008 R2 for x64-based Systems
     - Windows Server 2008 R2 for Itanium-based Systems

¡à ±ÇÀå Á¶Ä¡ ¹æ¾È
   o ÇöÀç ÇØ´ç Ãë¾àÁ¡¿¡ ´ëÇÑ º¸¾È¾÷µ¥ÀÌÆ®´Â ¹ßÇ¥µÇÁö ¾Ê¾ÒÀ½
   o Àӽà ÇØ°á¹æ¾ÈÀ¸·Î HCP ÇÁ·ÎÅäÄÝ µî·ÏÀ» ÇØÁ¦
     - Microsoft ±â¼úÀÚ·á¹®¼­[7]¿¡ "¼öÁ¤ Áö¿ø" ¼½¼ÇÀÇ "Microsoft Fix it 50459" À§ÀÇ ¸µÅ©¸¦
       Å¬¸¯ÇÏ¿© ÆÄÀÏ ´Ù¿î·Îµå ÈÄ ¼³Ä¡
       ¡Ø HCP ÇÁ·ÎÅäÄÝÀÇ µî·ÏÀ» ÇØÁ¦Çϸé hcp://¸¦ »ç¿ëÇÏ´Â ¸ðµç µµ¿ò¸» ¸µÅ©°¡ µ¿ÀÛÇÏÁö
           ¾ÊÀ¸¸ç ¿ø»óÅ·Πº¹±¸Çϱâ À§Çؼ­´Â "Microsoft Fix it 50460"¸¦ Àû¿ë
        
     - Ãë¾àÁ¡ °ø°³ÀÚ°¡ Á¦¾ÈÇÑ Àӽà Á¶Ä¡ ¹æ¾È[5]Àº ½±°Ô ¿ìȸµÉ ¼ö ÀÖÀ¸¹Ç·Î, MS¿¡¼­´Â 
        ±ÇÀåÇÏÁö ¾ÊÀ½[3]
   o KrCERT/CC¿Í MSº¸¾È ¾÷µ¥ÀÌÆ® »çÀÌÆ®[6]¸¦ ÁÖ±âÀûÀ¸·Î È®ÀÎÇÏ¿© ÇØ´ç Ãë¾àÁ¡¿¡ ´ëÇÑ
     º¸¾È ¾÷µ¥ÀÌÆ® ¹ßÇ¥ ½Ã ½Å¼ÓÈ÷ ÃֽŠ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇϰųª ÀÚµ¿ ¾÷µ¥ÀÌÆ®¸¦ ¼³Á¤
     ¡Ø ÀÚµ¿¾÷µ¥ÀÌÆ® ¼³Á¤ ¹æ¹ý: ½ÃÀÛ¡æÁ¦¾îÆǡ溸¾È¼¾ÅÍ¡æÀÚµ¿¾÷µ¥ÀÌÆ®¡æÀÚµ¿(±ÇÀå) ¼±ÅÃ
   o Ãë¾àÁ¡¿¡ ÀÇÇÑ ÇÇÇظ¦ ÁÙÀ̱â À§ÇÏ¿© »ç¿ëÀÚ´Â ´ÙÀ½°ú °°Àº »çÇ×À» ÁؼöÇؾßÇÔ
     - ÆÄÀÏ°øÀ¯ ±â´É µîÀ» »ç¿ëÇÏÁö ¾ÊÀ¸¸é ºñÈ°¼ºÈ­ÇÏ°í °³ÀιæÈ­º®À» ¹Ýµå½Ã »ç¿ë
     - »ç¿ëÇÏ°í ÀÖ´Â ¹é½ÅÇÁ·Î±×·¥ÀÇ ÃֽŠ¾÷µ¥ÀÌÆ®¸¦ À¯ÁöÇÏ°í, ½Ç½Ã°£ °¨½Ã±â´ÉÀ» È°¼ºÈ­
     - ½Å·ÚµÇÁö ¾Ê´Â À¥ »çÀÌÆ®ÀÇ ¹æ¹® ÀÚÁ¦
     - Ãâó°¡ ºÒºÐ¸íÇÑ À̸ÞÀÏÀÇ ¸µÅ© Ŭ¸¯Çϰųª ÷ºÎÆÄÀÏ ¿­¾îº¸±â ÀÚÁ¦

[Âü°í»çÀÌÆ®]
[1] http://www.microsoft.com/technet/security/advisory/2219475.mspx
[2] http://blogs.technet.com/b/msrc/archive/2010/06/10/windows-help-vulnerability-disclosure.aspx
[3] http://blogs.technet.com/b/srd/archive/2010/06/10/help-and-support-center-vulnerability-full-disclosure-posting.aspx
[4] http://www.theregister.co.uk/2010/06/10/windows_help_bug/
[5] http://seclists.org/fulldisclosure/2010/Jun/205
[6] http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=ko
[7
] http://support.microsoft.com/kb/2219475
  Adobe Flash Player ¹× AIR ´ÙÁß Ãë¾àÁ¡ º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í
  [À©µµ¿ìÁî º¸¾È] 2010³â 6¿ù Microsoft º¸¾È ¾÷µ¥ÀÌÆ®






ȸ»ç¼Ò°³ °³ÀÎÁ¤º¸Ãë±Þ¹æħ ÀÌ¿ë¾à°ü À̸ÞÀÏÁÖ¼Ò ¹«´Ü¼öÁý°ÅºÎ CONTACT US IDC ¾àµµ
ȸ»ç¼Ò°³ °³ÀÎÁ¤º¸Ãë±Þ¹æħ ÀÌ¿ë¾à°ü À̸ÞÀÏÁÖ¼Ò ¹«´Ü¼öÁý°ÅºÎ CONTACT US IDC ¾àµµ ȸ»ç¼Ò°³ °³ÀÎÁ¤º¸Ãë±Þ¹æħ ÀÌ¿ë¾à°ü À̸ÞÀÏÁÖ¼Ò ¹«´Ü¼öÁý°ÅºÎ CONTACT US IDC ¾àµµ