$B%;%-%e%j%F%#%[!<%k(B memo - 2008.06

Last modified: Tue Mar 10 12:56:43 2009 +0900 (JST)

$B!!$3$N%Z!<%8$N>pJs$rMxMQ$5$l$kA0$K!"(B$BCm0U=q$-(B$B$r$*FI$_$/$@$5$$!#(B

$B"#(B 2008.06.30

$B"#(B Windows Vista $B$re%$%s%9%H!<%k$5$l$F$$$k>l9g!"CGB3E*$K%M%C%H%o!<%/(B $B%j%=!<%9$K%"%/%;%9$G$-$J$/$J$k(B
(Microsoft KB933657 revision 3.2, 2008.06.13)

$B!!(BWindows Vista gold $B$G$O!"(BNDIS Filter Driver $B$,J#?tEPO?$5$l$F$$$k$H!"%M%C%H%o!<%/$,CGB3E*$KDd;_$7$F$7$^$&!#@$$NCf$K$O(B

$B$?$a!"N>

$B!!2r7h:v$H$7$F$O!"(BVista gold $B$K(B 933657 hotfix $B$r%$%s%9%H!<%k$9$k$+!"(BVista SP1 $B$K%"%C%W%G!<%H$9$k!#(B $B4XO"(B:

$B"#(B 2008.06.29

$B"#(B $B$$$m$$$m(B (2008.06.29)
(various)

$B"#(B IE $B$KJ#?t$N7g4Y(B
(US-CERT, 2008.06.26$B!A(B27)

$B!!(BIE $B$KJ#?t$N7g4Y!#(B

2008.07.01 $BDI5-(B:

$B!!4XO"(B:

$B"#(B $B%5%$%\%&%:@=IJ$KJ#?t$N7g4Y(B
(JVN, 2008.06.27)

$B!!%5%$%\%&%:@=IJ$KJ#?t$N7g4Y!#(B

$B"#(B $BDI5-(B

APSB08-15 - Security Update available for Adobe Reader and Acrobat 8.1.2

$B!!$3$N7g4Y$rMxMQ$9$k%^%k%&%'%"$N>pJs$,=P$F$-$F$$$k$h$&$G!#(B

$B!!$7$+$7!"(BMcAfee $B$NCf$N?M$OH]DjE*8+2r$r;}$C$F$$$k$h$&$G(B: New PDF exploits: $B!H(BOld wine in a new bottle!$B!I(B (McAfee blog, 2008.06.26)

$B$$$m$$$m(B (2008.06.18)

$B!!(BFlex 3 $B$N7o!"F|K\8lHG(B Advisory $B=P$^$7$?(B: APSB08-14 - $B%/%m%9%5%$%H%9%/%j%W%F%#%s%0@H (Adobe)

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (954462) $B%f!<%6!<(B $B%G!<%?F~NO$NL$8!>Z$r0-MQ$7$?(B SQL $B%$%s%8%'%/%7%g%s967b$NA}2C(B

$B!!(BHP Scrawlr $B$K$D$$$F!"F?L>4uK>$5$s$+$i(B ($B>pJs$"$j$,$H$&$4$6$$$^$9(B)

HP Scrawlr$B$N7o!"D4::$7$F$_$^$7$?$,!"F|K\8l$N%(%i!<%a%C%;!<%8$r2r@O$G$-$F$$$J$$$3$H$,860x$N$h$&$G$9!#K\7o!"8=:_(BHP$B$KLd$$9g$o$;$r9T$C$F$*$j$^$9!#(B

$B$^$?!"2<5-$N5!G=E*$J@)8B$,$"$k$?$a!"MQES$,$+$J$j8BDj$5$l$k$H;W$$$^$9!#(B
* Will only crawls up to 1500 pages
* Does not support sites requiring authentication
* Does not perform Blind SQL injection
* Cannot retrieve database contents
* Does not support JavaScript or flash parsing
* Will not test forms for SQL Injection (POST Parameters)

$B"#(B 2008.06.28

$B"#(B $BDI5-(B

Windows XP SP3$B$N%l%8%9%H%jGKB;LdBj!"%^%$%/%m%=%U%H:n@.$N(Bexe$B%U%!%$%k$,860x(B

$B!!(BDevice Manager may not show any devices and Network Connections may not show any network connections after you install Windows XP Service Pack 3 (SP3) (Microsoft KB953979)$B!#?7HG$N(B fixccs.exe $B$,EP>l$7$F$$$^$9!#(Bcadz $B$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B"#(B 2008.06.25

$B"#(B JVN#36635562 - nProtect : Netizen $B$K$*$1$k%5!<%S%91?MQK832(B (DoS) $B$N@H
(JVN, 2008.06.25)

$B!!(BnProtect Starter ActiveX $B%3%s%H%m!<%k(B (npstarter.ocx) $B$K7g4Y$,$"$j!"(B $B0[>o$J(B PolicyUrl $B%Q%i%a!<%?$K$h$C$F%"%C%W%G!<%H%b%8%e!<%k(B (npdownx.exe) $B$,(B crash $B$9$k!#(B

$B!!(BPC $B$r:F5/F0$9$k$H!"<+F0E*$K99?7$5$l$k!#(Bnpstarter.ocx $B%U%!%$%k%P!<%8%g%s(B 2008,6,16,1 $B$G=$@5$5$l$F$$$k!#(B

$B"#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (954462) $B%f!<%6!<(B $B%G!<%?F~NO$NL$8!>Z$r0-MQ$7$?(B SQL $B%$%s%8%'%/%7%g%s967b$NA}2C(B
(Microsoft, 2008.06.25)

$B!!(BSQL $B%$%s%8%'%/%7%g%sBP:v$H$7$F!"

$B!!4XO"(B:

2008.06.29 $BDI5-(B:

$B!!(BHP Scrawlr $B$K$D$$$F!"F?L>4uK>$5$s$+$i(B ($B>pJs$"$j$,$H$&$4$6$$$^$9(B)

HP Scrawlr$B$N7o!"D4::$7$F$_$^$7$?$,!"F|K\8l$N%(%i!<%a%C%;!<%8$r2r@O$G$-$F$$$J$$$3$H$,860x$N$h$&$G$9!#K\7o!"8=:_(BHP$B$KLd$$9g$o$;$r9T$C$F$*$j$^$9!#(B

$B$^$?!"2<5-$N5!G=E*$J@)8B$,$"$k$?$a!"MQES$,$+$J$j8BDj$5$l$k$H;W$$$^$9!#(B
* Will only crawls up to 1500 pages
* Does not support sites requiring authentication
* Does not perform Blind SQL injection
* Cannot retrieve database contents
* Does not support JavaScript or flash parsing
* Will not test forms for SQL Injection (POST Parameters)

2008.07.01 $BDI5-(B:

$B!!4XO"(B: New tools to block and eradicate SQL injection (Security Vulnerability Research & Defense, 2008.06.24)

$B"#(B $BDI5-(B

APSB08-15 - Security Update available for Adobe Reader and Acrobat 8.1.2

$B!!(B[$B%X%k%W(B] $B"*(B [$B%"%C%W%G!<%H$NM-L5$r%A%'%C%/(B] $B$K=P$k$h$&$K$J$j$^$7$?!#(B

$B!!%P!<%8%g%sI=<($O$d$C$Q$jJQ2=$7$J$$$N$G!"%3%s%H%m!<%k%Q%M%k$N!V%W%m%0%i%`$NDI2C$H:o=|!W$G3NG'$9$k$7$+$J$$$_$?$$!#0BED$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$BB3!9!&(B Firefox 3 $B$JF|(B (IE $B$N@_Dj$,(B Firefox 3 $B$N5sF0$K1F6A$9$kOC(B)

$B!!(BFirefox3$B$N%@%&%s%m!<%I$,!V%$%s%?!<%M%C%H%*%W%7%g%s!W$N@_Dj$K0MB8$9$kOC(B ($B?eL57n$P$1$i$N$($SF|5-(B, 6/24)$B!"(B $B$($`$1$$$5$s$N%3%a%s%H(B$B!#(B $B$I$&$d$i5-=R$,B-$j$J$/$F8m2r$rM?$($F$$$k$h$&$J$N$G!"!V$3$N;EMM$,5$$KF~$i$J$$>l9g$O!"!W$H$$$&J88@$rDI2C$7$?!#(B

$B!!$=$N>e$G!"(B($B0J2<8eF|DI5-M=Dj(B)

$B"#(B 2008.06.24

$B"#(B APSB08-15 - Security Update available for Adobe Reader and Acrobat 8.1.2
(Adobe, 2008.06.23)

$B!!(BAdobe Reader / Acrobat $B$N(B JavaScript $BCVE-2008-2641$B!#96N,%3!<%I$,4{$K@$$K=P2s$C$F$$$k!#BP>]$O(B:

$B!!(BAdobe Reader / Acrobat 7.1.0 $B$K$O$3$N7g4Y$O$J$$!#$^$?!"(B2008.07 $B$KEP>l$9$kM=Dj$N(B Adobe Reader / Acrobat 9 $B$K$b$3$N7g4Y$O$J$$!#(B

$B!!BP1~$9$k$K$O(B:

$B$6$-$[$I(B Acrobat 8.1.2 for Windows $B$G!"(B[$B%X%k%W(B] $B"*(B [$B%"%C%W%G!<%H$NM-L5$r%A%'%C%/(B] $B$r

$B!!4XO"(B: Adobe Acrobat $B5Z$S(B Adobe Reader $B$N@H (JPCERT/CC, 2008.06.24)

2008.06.25 $BDI5-(B:

$B!!(B[$B%X%k%W(B] $B"*(B [$B%"%C%W%G!<%H$NM-L5$r%A%'%C%/(B] $B$K=P$k$h$&$K$J$j$^$7$?!#(B

$B!!%P!<%8%g%sI=<($O$d$C$Q$jJQ2=$7$J$$$N$G!"%3%s%H%m!<%k%Q%M%k$N!V%W%m%0%i%`$NDI2C$H:o=|!W$G3NG'$9$k$7$+$J$$$_$?$$!#0BED$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

2008.06.29 $BDI5-(B:

$B!!$3$N7g4Y$rMxMQ$9$k%^%k%&%'%"$N>pJs$,=P$F$-$F$$$k$h$&$G!#(B

$B!!$7$+$7!"(BMcAfee $B$NCf$N?M$OH]DjE*8+2r$r;}$C$F$$$k$h$&$G(B: New PDF exploits: $B!H(BOld wine in a new bottle!$B!I(B (McAfee blog, 2008.06.26)

2008.07.01 $BDI5-(B:

$B!!F|K\8lHG%"%I%P%$%6%jEP>l(B: APSB08-15 - Adobe Reader/Acrobat 8.1.2$B$K4X$9$k%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B (Adobe)

$B!!$"$H!"%@%&%s%m!<%I@h(B:

2008.07.11 $BDI5-(B:

$B!!(BRelease notes for Adobe Reader and Acrobat 8.1.2 SU1 security update (Adobe KB403742)$B!#(B8.1.2 Security Update 1 $BE,MQ>u67$N3NG'J}K!0lMw!#(B

$B"#(B $BG$0U$N%3!<%I$,
(ruby-lang.org, 2008.06.20)

$B!!(Bruby 1.8.4 $B0JA0(B / 1.8.5-p230 $B0JA0(B / 1.8.6-p229 $B0JA0(B / 1.8.7-p21 $B0JA0(B / 1.9.0-1 $B0JA0$KJ#?t$N7g4Y!#(B

$B!!(Bruby 1.8.5-p231 / 1.8.6-p230 / 1.8.7-p22 / 1.9.0-2 $B$G=$@5$5$l$F$$$k!#(B ruby 1.8.4 $B7O$O$b$O$dJ]

$B"#(B 2008.06.23

$B"#(B $BDI5-(B

Hacking The Interwebs

$B!!4XO"(B: $B%M%C%H%o!<%/5!4o$K$*$1$k(BUPnP$B5!G=$N@H (NEC, 2008.06.23)

Firefox 3 $B$N%@%&%s%m!<%I%^%M!<%8%c$G!"%@%&%s%m!<%I40N;;~$N%&%$%k%9%A%'%C%/5!G=$,$&$^$/F0$+$J$$$?$a$K(B (?) $B%@%&%s%m!<%I$7$?%U%!%$%k$,>C$($F$7$^$&>l9g$,$"$k(B

$B!!(BFirefox 3.0 $B%j%j!<%9%N!<%H(B $B$G$O!"$3$N5!G=$O$3$N$h$&$K@bL@$5$l$F$$$^$9!#(B

$B%&%$%k%9BP:v%=%U%H$NE}9g(B: Firefox $B$O!"

$B!!(BMac OS X $BHG$d(B UNIX $BHG$G$bF1MM$J$N$+$J$"!#(B

$B"#(B $B!V(BMac OS X 10.4/10.5$B!W$r>h$C
($BF|7P(B IT Pro, 2008.06.23)

$B!!(BMac OS X 10.4.x / 10.5.x $B$KIUB0$9$k(B Apple Remote Desktop Agent $B$K7g4Y$,$"$j!"(B local user $B$,MF0W$K(B root $B8"8B$rC%uBV$K$"$kLOMM!#(B CVE-2008-2830

$B!!?L8;CO$N(B Mac OS X Root Escalation Through AppleScript (slashdot.org, 2008.06.18) $B$d(B Serious Security Vulnerabilty In Apple OS X Leopard (Brian Krebs on Computer Security, 2008.06.20) $B$K$O!"(BPoC $B$H$7$F(B

osascript -e 'tell app "ARDAgent" to do shell script "whoami"'

$B$,7G:\$5$l$F$$$k$N$@$,!"Serious Security Vulnerabilty In Apple OS X Leopard $B$G$b(B Mac OS X 10.4.x $B$K$D$$$F$O5?Ld;k$7$F$$$kLOMM!#(B $B$7$+$7(B Mac OS X 10.5.x $B$G$O!"$?$H$($P(B$B$3$&$$$&$3$H(B (slashdot.org, 2008.06.18) $B$K$J$k$i$7$$!#(B

Intego$B$K$h$k$H!$!V(BA corrupt preference file has been detected and must be repaired.$B!W!J4D6-@_Dj%U%!%$%k$,2u$l$F$$$k$N$G=$I|$,I,MW$G$9!K$H$$$&%a%C%;!<%8$r=P$7!$4IM}

$B!!4IM}

2008.08.01 $BDI5-(B:

$B!!(BMac OS X - About Security Update 2008-005 $B$G=$@5$5$l$F$$$^$9!#(B

2008.09.17 $BDI5-(B:

$B!!(BMac OS X - About Security Update 2008-005 $B$G$N=$@5$O40A4$G$O$J$+$C$?$=$&$G!"(B About the security content of Apple Remote Desktop 3.2.2 $B$,8x3+$5$l$F$$$^$9!#:#EY$3$=Bg>fIW$+$J!#(B

$B"#(B 2008.06.22

$B"#(B $BB3!9!&(B Firefox 3 $B$JF|(B (IE $B$N@_Dj$,(B Firefox 3 $B$N5sF0$K1F6A$9$kOC(B)
($B

$B!!(BInternet Explorer $B$N(B [$B%$%s%?!<%M%C%H(B $B%*%W%7%g%s(B] ($B$"$k$$$O!"%3%s%H%m!<%k%Q%M%k$N(B [$B%$%s%?!<%M%C%H(B $B%*%W%7%g%s(B]) $B$K$*$$$F!"BP>]$H$J$k%I%a%$%s$,B0$7$F$$$k%>!<%s$N!V%"%W%j%1!<%7%g%s$H0BA4$G$J$$%U%!%$%k$N5/F0!W$r(B [$BL58z$K$9$k(B] $B$K@_Dj$7$F$$$k$H!D!D(B

$B!!!D!D(BFirefox 3 $B$K$*$$$F

$B!!$3$N2hLL$G$O(B rnp.br $B%I%a%$%s$+$i%@%&%s%m!<%I$7$h$&$H$7$F%V%m%C%/$5$l$F$$$^$9!#(Bhttp://mozilla.jp/ $B$N(B top $B%Z!<%8$N%j%s%/(B http://download.mozilla.org/?product=firefox-3.0&os=win&lang=ja $B$+$i%@%&%s%m!<%I$9$k$H!"

$B!!%V%m%/5-;v$G$O!V%$%s%?!<%M%C%H%>!<%s$N!W$H$J$C$F$$$^$9$,!"(B $B!<%s$N@_Dj$,;2>H$5$l$k$h$&$G$9!#(B

$B!!;EJ}$J$$$N$G!"%G%U%)%k%HCM$G$"$k(B [$B%@%$%"%m%0$rI=<($9$k(B] $B$r@_Dj$9$k$+!"$"$k$$$O(B$B$3$N;EMM$,5$$KF~$i$J$$>l9g$O(B Firefox 3 $B$r

2008.06.25 $BDI5-(B:

$B!!(BFirefox3$B$N%@%&%s%m!<%I$,!V%$%s%?!<%M%C%H%*%W%7%g%s!W$N@_Dj$K0MB8$9$kOC(B ($B?eL57n$P$1$i$N$($SF|5-(B, 6/24)$B!"(B $B$($`$1$$$5$s$N%3%a%s%H(B$B!#(B $B$I$&$d$i5-=R$,B-$j$J$/$F8m2r$rM?$($F$$$k$h$&$J$N$G!"!V$3$N;EMM$,5$$KF~$i$J$$>l9g$O!"!W$H$$$&J88@$rDI2C$7$?!#(B

$B!!$=$N>e$G!"(B($B0J2<8eF|DI5-M=Dj(B)

$B"#(B Firefox 3 $B$N%@%&%s%m!<%I%^%M!<%8%c$G!"%@%&%s%m!<%I40N;;~$N%&%$%k%9%A%'%C%/5!G=$,$&$^$/F0$+$J$$$?$a$K(B (?) $B%@%&%s%m!<%I$7$?%U%!%$%k$,>C$($F$7$^$&>l9g$,$"$k(B
(various)

$B!!(BFirefox 3 $B$N%@%&%s%m!<%I%^%M!<%8%c$O!"%@%&%s%m!<%I40N;;~$K!"%$%s%9%H!<%k$5$l$F$$$k%"%s%A%&%$%k%9%=%U%H$r;H$C$F%&%$%k%9%A%'%C%/$r9T$&$h$&$J$N$G$9$,!"$3$l$,$&$^$/F0$+$J$$$?$a$K(B (?)$B!"%@%&%s%m!<%I$7$?%U%!%$%k$,>C$($F$7$^$&>l9g$,$"$k$h$&$G$9!#(B

$B!!>e5-$O$I$A$i$b%H%l%s%I%^%$%/%m$,$i$_$N$h$&$G$9$,!"B>

$B!!$3$N8=>]$,H/@8$7$F$$$k>l9g$O!"(Babout:config $B$+$i(B browser.download.manager.scanWhenDone $B$r(B false $B$K(B ($B%@%&%s%m!<%I40N;;~$N%&%$%k%9%9%-%c%s$rL58z$K(B) $B@_Dj$9$k$3$H$G2sHr$G$-$k$h$&$G$9!#(B

2008.06.23 $BDI5-(B:

$B!!(BFirefox 3.0 $B%j%j!<%9%N!<%H(B $B$G$O!"$3$N5!G=$O$3$N$h$&$K@bL@$5$l$F$$$^$9!#(B

$B%&%$%k%9BP:v%=%U%H$NE}9g(B: Firefox $B$O!"

$B!!(BMac OS X $BHG$d(B UNIX $BHG$G$bF1MM$J$N$+$J$"!#(B

$B"#(B 2008.06.20

$B"#(B About the security content of Safari 3.1.2 for Windows
(Apple, 2008.06.20)

$B!!(BSafari 3.1.2 for Windows $BEP>l!#(B 4 $B$D$N7g4Y$,=$@5$5$l$F$$$k!#(B Mac OS X $BMQ$N(B Safari 3.1.2 $B$O$J$$!#(B

$B"#(B $BDI5-(B

Safari Carpet Bomb

$B!!(BSafari 3.1.2 for Windows $B$G=$@5$5$l$^$7$?!#(B

Microsoft 2008 $BG/(B 6 $B7n$N%;%-%e%j%F%#>pJs(B

$B!!(BMS08-030 - $B6[5^(B: Bluetooth $B%9%?%C%/$N@H $B$N!"(BWindows XP SP2 / SP3 $BMQ$N=$@5%W%m%0%i%`$,:F%j%j!<%9$5$l$F$$$^$9!#(B Windows XP x64 Edition / x64 Edition SP2 $BMQ$N=$@5%W%m%0%i%`$OJQ2=$J$7$G$9!#(B

$B$J$
Windows XP Service Pack 2 $B$*$h$S(B Windows XP Service Pack 3 $B$K1F6A$r5Z$\$9LdBj$N$?$a!"%^%$%/%m%=%U%H$O(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#>pJs(B MS08-030 - Bluetooth $B%9%?%C%/$N@HpJs(B MS08-030 $B$GDs6!$7$?(B Windows XP Service Pack 2 $B$*$h$S(B Windows XP Service Pack 3 $BMQ$N99?7%W%m%0%i%`$O$3$N%;%-%e%j%F%#>pJs$G@bL@$7$F$$$k@H$N%P!<%8%g%s$K$D$$$F$O!"$3$N%;%-%e%j%F%#>pJs$G@bL@$7$F$$$kLdBj$KBP$9$kJ]8n$rDs6!$7$^$9!#(B
$B%^%$%/%m%=%U%H$O(B Windows XP Service Pack 2 $B$*$h$S(B Windows XP Service Pack 3 $B$K1F6A$r5Z$\$9%;%-%e%j%F%#99?7%W%m%0%i%`$N2~D{HG$rDs6!$9$k$3$H$r$*CN$i$;$9$k$?$a$K!"$3$N%;%-%e%j%F%#>pJs$r:F8x3+$7$^$7$?!#(BWindows XP Service Pack 2 $B$*$h$S(B Windows XP Service Pack 3 $B$rpJs$G:G=i$KDs6!$7$?%*%j%8%J%k$N%;%-%e%j%F%#99?7%W%m%0%i%`$r4{$KE,MQ$7$F$$$k$*5RMM$O!"$5$i$J$kA

$B!!4XO"(B: MS08-030 - $B99?7%W%m%0%i%`(B V2 ($BF|K\$N%;%-%e%j%F%#%A!<%`(B, 2008.06.20)

$B"#(B 2008.06.19

$B"#(B Internet-connected coffee maker has security holes
(CNET, 2008.06.17)

$B!!(BHacking Coffee Makers $B$N7o!#$$$^$I$-$N%3!<%R!<%a!<%+!<$K$O$=$&$$$&5!G=$,$D$$$F$$$k$N$M!D!D!#(B

$B"#(B PC$B$N8m@_Dj$G?M@8$rK@$K?6$C$?IT1?$JCK$NOC!!Ha;4$H$7$+8@$$$h$&$N$J$$=PMh;v$b0lJb$^$A$,$($l$P!VL@F|$O2f$,?H!W(B
(computerworld, 2008.06.19)

$B!!%&%$%k%9$,;yF8%]%k%N$r%@%&%s%m!<%I$7$F$/$l$?$*$+$2$G!"!V(BPC$B$K;yF8%]%k%N!&%3%s%F%s%D$r%@%&%s%m!<%I$7$?$H$7$F5/AJ$5$l!";E;v$HM'?M$r<:$$!"$*$h$=(B1$BG/4V$rL5BL$K$9$k$O$a$K$J$C$?!W?M$NOC!#%U%)%l%s%8%C%/$K$h$C$FA4$F$,L@$i$+$K$J$C$?$+$i$^$@$$$$$b$N$N!D!D!#(B

$B"#(B $B:G?7HG$N(BAVG$B$K$h$C$F!"%H%i%U%#%C%/$,A}Bg!)(B
(slashdot.jp, 2008.06.18)

$B!!(BAVG 8 $B$N!V%j%s%/%9%-%c%J!W$KB8:_$9$k!V%5!<%A%7!<%k%I!W5!G=$K$OLdBj$,$"$kLOMM!#(B

  • $B@hFI$_$7$?>e$G%&%$%k%9%A%'%C%/$r9T$&$?$a!"%H%i%U%#%C%/$,0U?^$;$:A}Bg$9$k62$l$d!"0U?^$7$J$$(B web $B%"%/%;%9$r9T$C$F$7$^$&62$l$,$"$k(B

  • $B!V%5!<%A%7!<%k%I!W5!G=$rM-8z$K$9$k$H!"FCDj$NC18l$r(B Google $B8!:w$7$?>l9g$K(B Web $B%V%i%&%6(B (IE, Firefox $B$J$I(B) $B$,(B crash $B$9$k!#(B $B4XO"(B: Google$B$GFCDj$NC18l$r8!:w$9$k$H(BInternet Explorer $B$,6/@)=*N;$9$k(B (AVG)$B!#L58z$K$9$kJ}K!$,=R$Y$i$l$F$$$k!#(B

$B!!$J$*!"(BFirefox $B$G$b(B link rel="prefetch" $B$J%5%$%H$r@hFI$_$9$k$=$&$G!#(B about:config $B$N(B network.prefetch-next $B$,$=$l(B ($B%G%U%)%k%H(B: true)$B!#5$$K$J$k>l9g$O(B false $B$K$7$^$;$&!#(B

2008.07.04 $BDI5-(B:

$B!!4XO"(B:

$B"#(B SYM08-014 - Symantec Altiris Notification Server Agent GUI $B$K%m!<%+%k$GFC8">:3J$N@H
($B%7%^%s%F%C%/(B, 2008.06.17)

$B!!(BAltiris Notification Server Agent 6.x $B$K7g4Y!#(B local user $B$K$h$k8"8B>e>:$,2DG=!#(BAltiris Notification Server Agent 6.0 SP3 R8 $B$G=$@5$5$l$F$$$k!#(B

$B"#(B $B!V(BFirefox 3$B!W8x3+(B5$B;~4V8e$KAa$/$b@H
(Internet Watch, 2008.06.19)

$B!!$5$C$=$/$G$9$+!#(B

$B$3$N@H

$B!!$J$s$@!"(BFirefox 2 $B$K$b1F6A$9$k$s$@!#(B CVE-2008-2785 CVE-2008-2786

$B"#(B 2008.06.18

$B"#(B $B$$$m$$$m(B (2008.06.18)
(various)

2008.06.29 $BDI5-(B:

$B!!(BFlex 3 $B$N7o!"F|K\8lHG(B Advisory $B=P$^$7$?(B: APSB08-14 - $B%/%m%9%5%$%H%9%/%j%W%F%#%s%0@H (Adobe)

$B"#(B $BDI5-(B

XREA$B$NL5NA%5!<%S%9$GI=<($5$l$k9-9pFb$K%&%#%k%9(B

$B!!%j%M!<%8%e;qNA<<$5$s$+$i$O!":rF|!"

$B@hF|$*CN$i$;$7$?(BXREA$B$NL5NA%5!<%S%9$GI=<($5$l$k9-9pFb$K%&%#%k%9$,Kd$a9~$^$l$?7o$O!":#F|BP=h$5$l$?$h$&$J$N$G$*CN$i$;$7$^$9!#$?$@$7!"8x<0%"%J%&%s%9$O$"$j$^$;$s!#(B
$B9-9p%5!<%P(B5$BBf$N$&$A!"1x@w$5$l$?%5!<%P$r4^$`(B4$BBf$G%U%!%$%k$,99?7$5$l!"%&%#%k%9;E9~$_$N%9%/%j%W%H$,:o=|$5$l$^$7$?!#$7$+$7!"$J$<$+(B1$BBf(B (210.153.116.18) $B$@$1$O!"8E$$%U%!%$%k$N$^$^$G$9!#(B
$BBP=h$5$l$F!V$d$l$d$l!W$H8@$C$?$H$3$m$G$O$"$k$N$G$9$,!"1?1D2q

$B!!$3$N7o!":rHU$h$&$d$/(B XREA $B$+$i%"%J%&%s%9$5$l$?$h$&$G$9!#(B

  • $BL5NA%f!<%6!<8~$19-9pG[?.%5!<%P!<$NIT6q9g$K$D$$$F(B (XREA&CORE SUPPORT BOARD, 2008.06.17)
    $B!{860x!'(B
    $B9-9pG[?.$d2hA|FI$_9~$_MQ$H$7$F!"30It$K9=C[0MMj$r$7$F$*$j$^$7$?J,;6%-%c%C%7%e%5!<%P! $B$&$R$c$"!#(B
    $B!{:#8e$NBP:v!'(B
    $B30It$K9=C[!&4IM}0MMj$7$F$$$?$?$a!"CQ$:$+$7$J$,$iJ@@\A`:n$,$G$-$J$+$C$?!"%3%_%e%K%1!<%7%g%s$,$&$^$/J$70QBw7@Ls$r8+D>$9$J$IAa5^$JBP:v$r$H$j$^$9!#(B

    $BL5NA%5!<%P!<$N4IM}BN@)$K$D$$$F$G$9$,!"8=e$KIQH/$9$k5,Ls0cH?$X$NBP1~LdBj$J$I$G%3%9%H$OA}2C$9$k0lJ}$G!"$+$D!"4IM}$K$*$1$kLdBj$bH/@8$9$k>u67$K$J$C$F$*$j$^$9!#$^$?!"$4MxMQ$N$*5RMM$K$b$4LBOG$r$*3]$1$9$k$N$O7h$7$F5v$5$l$^$;$s$,!"$=$l0J30$N30It$NJ}$K$b$4LBOG$r$*3]$1$9$k5v$5$l$J$$>u67!JLBOG%a!<%k!"%9%Q%`%V%m%0Ey!9!K$,A}$($D$D$"$j$^$9!#@5Ev$JM}M3$K$O$J$j$^$;$s$,!"L5NA%5!<%P!?=$7>e$2$^$7$F!"@V;z$H$J$C$F$$$k$?$a!"$J$k$Y$/%3%9%H:o8:$r9T$$!"$=$N0l4D$G30It0QBw$KMj$k>u67$,$"$j$^$9!#$?$@!"$3$l$i$O!"$*5RMM$KBP$9$kIT5CN$7$F$*$j$^$9!#(B

    8$B7n$K$FL5NA%5!<%P!<3+;O$+$i(B8$BG/$H$J$j$^$9!#3+;O$+$i!"$+$l$3$l(B8$BG/$b$N4V!"$*IU$-9g$$$$$?$@$$$F$$$kJ}$b$$$i$C$7$c$$$^$9!#K\Ev$K$"$j$,$H$&$4$6$$$^$9!#=@Fp$JBP1~$r$H?4$,$1$F$$$^$9$,!":Y$+$$BP1~$,$G$-$J$/$J$C$?$j!"Cf!9%9%?%C%U$N!">/$7$:$D$G$9$,!"8+D>$7!"2~A1$r?^$k=jB8$G$9!#:#8e$O!"4X78e$N:FE0Dl$r?^$k$H6&$K!"=y!9$K<+
  • $BL5NA%[%9%F%#%s%0!V(BXREA$B!W$N9-9p$K%&%$%k%9$X$N%j%s%/$,:.F~(B (Internet Watch, 2008.06.18)
$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (954474): System Center Configuration Manager 2007 $B$K$h$k%;%-%e%j%F%#99?7%W%m%0%i%`$NE83+$,%V%m%C%/$5$l$k(B

$B!!(Bpatch $B=P$^$7$?(B: System Center Configuration Manager 2007 blocked from deploying security updates (Microsoft KB954474)

$B"#(B 2008.06.17

$B"#(B $BDI5-(B

$B$$$m$$$m(B (2008.06.13)

$B!!(BVMSA-2008-0009.1 $B$N7o!"(BVMware Server $B$K$D$$$F$O(B 1.0.6 $B$GBP1~$5$l$F$$$^$9(B (vmware.com $B<+?H$,8m5-!":#$OD>$C$F$^$9(B)$B!#(Bshutaro $B$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B"#(B 2008.06.16

$B"#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (954474): System Center Configuration Manager 2007 $B$K$h$k%;%-%e%j%F%#99?7%W%m%0%i%`$NE83+$,%V%m%C%/$5$l$k(B
(Microsoft, 2008.06.16)

$B!!(BMicrosoft 2008 $BG/(B 6 $B7n$N%;%-%e%j%F%#(B patch $B$rDs6!8e!"(BSystem Center Configuration Manager 2007 gold / SP1 $B$+$i(B SMS 2003 $B%/%i%$%"%s%H$K(B patch $B$rE83+$G$-$J$/$J$C$F$$$kLOMM!#$R$'!A!#(B

$B!!(Bpatch $B$O$^$@$J$$!#2sHr$9$k$K$O(B:

  • System Center Configuration Manager 2007 $B$N%=%U%H%&%'%"G[I[5!G=$rMxMQ$9$k(B
  • WSUS $B$d(B SMS 2003 $B$J$IB>$N%W%m%@%/%H$rMxMQ$9$k(B

2008.06.18 $BDI5-(B:

$B!!(Bpatch $B=P$^$7$?(B: System Center Configuration Manager 2007 blocked from deploying security updates (Microsoft KB954474)

$B"#(B Changes with Apache 2.2.9
(Apache.org, 2008.06.13)

$B!!(BApache 2.2.9 $BEP>l!#(B2 $B7o$N%;%-%e%j%F%#7g4Y$r4^$`=$@5$,$J$5$l$F$$$k!#(Biida $B$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B"#(B 2008.06.15

$B"#(B $BDI5-(B

$B$$$m$$$m(B (2008.04.18)

$B!!(BWkImgSrv.dll $B$N7o(B: Why there won't be a security update for WkImgSrv.dll (Security Vulnerability Research & Defense, 2008.06.10)

Microsoft 2008 $BG/(B 6 $B7n$N%;%-%e%j%F%#>pJs(B

$B!!4XO"(B:

$B"#(B 2008.06.13

$B"#(B Memory stick worms
(Nick Brown's blog, 2007.10.23)

$B!!(BUSB $B%a%b%j$J$I$K46@w$9$k%&%$%k%9$rKI;_$9$k$?$a$K(B Autorun.inf $B$rL58z$K$7$?$/$J$k$3$H$,$"$j$^$9$,!"$3$&$$$&(B .reg $B%U%!%$%k$r?)$o$;$l$P$$$$$=$&$G$9!#F`NI$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B 

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"

$B!!$3$N@_Dj$r9T$&$H!"(BWindows $B$,(B Autorun.inf $B$r=hM}$7$h$&$H$7$?$H$-$K!"(BAutorun.inf $B$G$O$J$/(B HKEY_LOCAL_MACHINE\SOFTWARE\DoesNotExist $B%l%8%9%H%j$r8+$K9T$-!"$=$3$K$O2?$b$J$$$N$G2?$b5/$3$i$J$$!"$H$J$k$h$&$G$9!#(B $B85$KLa$7$?$$$H$-$O!"$3$N(B .reg $B%U%!%$%k"-$r;H$$$^$9!#(B 

REGEDIT4
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]

$B!!$J$*!"$3$N@_Dj$r9T$&$H!"@5>o$KMxMQ$G$-$J$/$J$k(B USB $B%a%b%j$,B8:_$9$k$h$&$G$9!#(B $B855-;v(B$B$N%3%a%s%HMw$K$O;vNc$H$7$F!V(BSanDisk U3 drives$B!W$,8l$i$l$F$$$^$9$,!"B>$K$b$=$&$$$&$b$N$O$"$k$+$b$7$l$^$;$s!#(B

$B!!4XO"(B:

$B"#(B $B$$$m$$$m(B (2008.06.13)
(various)

  • Linux ASN.1 BER kernel buffer overflow (SANS ISC, 2008.06.10)$B!#(BLinux 2.6.25.5 $B$GD>$C$F$$$k$=$&$G$9!#(BCVE-2008-1673

  • CVE-2008-2358$B!#(BLinux 2.6.18 $B$N(B Datagram Congestion Control Protocol (DCCP) $B%5%V%7%9%F%`$K(B $B7g4Y$,$"$j!"G$0U$N%3!<%I$N7$/LOMM!#(B

  • VMSA-2008-0009.1 (VMware, 2008.06.06 $B99?7(B)$B!#(B VMware Workstation 6.0.4 / 5.5.7, VMware Player 2.0.4 / 1.0.7, VMware ACE 2.0.4, VMware Server 1.0.7 1.0.6, VMware Fusion 1.1.3, VMware VIX 1.1.4 $B$GBP1~$5$l$F$$$k!#$^$?(B VMware ESX $B%5!<%P$K$O(B version $B$K1~$8$?(B patch $B$,MQ0U$5$l$F$$$k!#(B

  • CVE-2008-2549$B!#(BAcrobat Reader 8.1.2 $B$K(B DoS $B$"$k$$$OG$0U$N%3!<%I$N7$/7g4Y!#(B

  • CVE-2008-2547$B!#(BWindows $B%$%s%9%H!<%i(B 3.1.4000.1823 $B$*$h$S(B 4.5.6001.22159 $B$N(B msiexec.exe $B$K!"D9Bg$J(B GUID + /x $B%*%W%7%g%s(B ($B%"%s%$%s%9%H!<%k(B) $B;XDj;~$K(B buffer overflow $B$,H/@8!"G$0U$N%3!<%I$,

2008.06.17 $BDI5-(B:

$B!!(BVMSA-2008-0009.1 $B$N7o!"(BVMware Server $B$K$D$$$F$O(B 1.0.6 $B$GBP1~$5$l$F$$$^$9(B (vmware.com $B<+?H$,8m5-!":#$OD>$C$F$^$9(B)$B!#(Bshutaro $B$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B"#(B Opera 9.5 $B%j%j!<%9(B
(slashdot.jp, 2008.06.12)

$B!!(BOpera 9.5 $B$,%j%j!<%9$5$l$F$$$^$9!#?75!G=$J$I$K$D$$$F$O(B$B%W%l%9%j%j!<%9(B$B$r;2>H$J$N$G$9$,!"(B2 $B7o$N?75,%;%-%e%j%F%#7g4Y$b$"$o$;$F=$@5$5$l$F$$$^$9!#(B9.50 beta $B$K$@$1B8:_$7$?$b$N$J$N$+!"$=$l$H$b(B 9.27 $B0JA0$K$bB8:_$7$?$b$N$J$N$+$OITL@$G$9!#(B

$B!!$*$d!"(BKB884 $B$O2?!D!D$H;W$C$?$i!"(BChanges in Keyboard Shortcuts Between Opera 9.27 and Opera 9.50 $B$G$7$?!#(BFirefox $BIw$K$J$C$?$i$7$$$N$G!"5lMh$N%7%g!<%H%+%C%H$K47$l$F$$$k?M$OCm0U!#(B

$B!!(BOpera 9.50 $B%j%j!<%9%N!<%H$N(B Security $B%;%/%7%g%s(B$B$K$O(B Advisory: Certain characters can obscure the page address $B$b$"$k$N$G$9$,!"$3$l$O(B Opera 9.26 $B$G=$@5$5$l$F$$$k$b$N$G$9!#(B

$B!!$=$NB>!"(BOpera Fraud Protection $B$r6/2=$7$?$H$+!"(BEV SSL $B$KBP1~$7$?$H$+!"(BSSL v2 $B$OL58z$K$J$C$?$H$+!"$$$m$$$m!#(BOpera $B$O7Z$/$F9%$-$J$N$G$9$,!"(BOpera $B$@$H$&$^$/8+$l$J$$%Z!<%8$C$F$1$C$3$&B?$$$s$G$9$h$M!D!D!#(BFirefox $B$X$NBP1~$O$1$C$3$&9-$^$C$F$-$F$$$k46$8$J$N$G$9$,!"(BOpera $B$O$^$@$^$@$G$9!#(B

$B"#(B XREA$B$NL5NA%5!<%S%9$GI=<($5$l$k9-9pFb$K%&%#%k%9(B
($B%j%M!<%8%e;qNA<<(B, 2008.06.11)

$B!!(BXREA $B$,;HMQ$7$F$$$k9-9p%5!<%P(B imgj.xrea.com $B$O(B 5 $BBf$G9=@.$5$l$F$$$k$h$&$@$,!"(B 

% host imgj.xrea.com
imgj.xrea.com is an alias for j1.ax.xrea.com.
j1.ax.xrea.com has address 202.181.97.140
j1.ax.xrea.com has address 202.181.97.153
j1.ax.xrea.com has address 202.229.187.26
j1.ax.xrea.com has address 210.153.116.18
j1.ax.xrea.com has address 59.106.22.138

$B!!$3$N$&$A(B 202.181.97.153 $B$,1x@w$5$l$F$$$kLOMM!#%j%M!<%8%e;qNA<<$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B 

% jwhois 202.181.97.153
($BCfN,(B)
Network Information: [$B%M%C%H%o!<%/>pJs(B]
a. [IP$B%M%C%H%o!<%/%"%I%l%9(B]     202.181.96.0-202.181.107.255
b. [$B%M%C%H%o!<%/L>(B]             SAKURA-NET
f. [$BAH?%L>(B]                     $B%(%9%"!<%k%(%9!&$5$/$i%$%s%?!<%M%C%H3t<02q

$B!!$^$?$5$/$i$5$s$+!D!D!#%j%M!<%8%e;qNA<<$5$s$K$h$k$H(B:

$B2~cb$5$l$?$N$O!"9-9pOH$rI=<($9$k(BHTML$B$G$9!#(B

http://imgj.xrea.com/id_iframe.html

$B$3$N%U%!%$%k$NCV$+$l$F$$$k%5!<%P$O!"(BDNS$B%i%&%s%I%m%S%s$G(B5$BBf$N%5!<%P$,3d$jEv$F$i$l$F$$$^$9$,!"$=$N$&$A(B202.181.97.153$B$KCV$+$l$?$b$N$@$1$,2~cb$5$l$F$$$^$9!#(B

$B$=$NCf$K!"
http://1039045744:81/jp.js
$B"*(B http://1039045744:81
$B"*(B http://1039045744:81/show.php

$B:G8e$N(Bshow.php$B$O!"2r@O$rK8$2$k$?$a$+(Bwget$B$J$I$Gr7o$K$h$C$F$O
http://so.7walker.net/index.php?site=http%3A%2F%2Ffccja.com%3A81%2Fshow.php&hua=

$B:G=*E*$K$O(B http://1039045744:81/taa.gif ($BCf?H$O
Flash Player$B$,:G?7$G$"$l$PHo32$KAx$&$3$H$O$J$$$O$:$G$9$,!"J#?t%V%i%&%6MxMQ

$B!!%j%M!<%8%e;qNA<<$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#4XO"(B:

2008.06.18 $BDI5-(B:

$B!!%j%M!<%8%e;qNA<<$5$s$+$i$O!":rF|!"

$B@hF|$*CN$i$;$7$?(BXREA$B$NL5NA%5!<%S%9$GI=<($5$l$k9-9pFb$K%&%#%k%9$,Kd$a9~$^$l$?7o$O!":#F|BP=h$5$l$?$h$&$J$N$G$*CN$i$;$7$^$9!#$?$@$7!"8x<0%"%J%&%s%9$O$"$j$^$;$s!#(B
$B9-9p%5!<%P(B5$BBf$N$&$A!"1x@w$5$l$?%5!<%P$r4^$`(B4$BBf$G%U%!%$%k$,99?7$5$l!"%&%#%k%9;E9~$_$N%9%/%j%W%H$,:o=|$5$l$^$7$?!#$7$+$7!"$J$<$+(B1$BBf(B (210.153.116.18) $B$@$1$O!"8E$$%U%!%$%k$N$^$^$G$9!#(B
$BBP=h$5$l$F!V$d$l$d$l!W$H8@$C$?$H$3$m$G$O$"$k$N$G$9$,!"1?1D2q

$B!!$3$N7o!":rHU$h$&$d$/(B XREA $B$+$i%"%J%&%s%9$5$l$?$h$&$G$9!#(B

  • $BL5NA%f!<%6!<8~$19-9pG[?.%5!<%P!<$NIT6q9g$K$D$$$F(B (XREA&CORE SUPPORT BOARD, 2008.06.17)
    $B!{860x!'(B
    $B9-9pG[?.$d2hA|FI$_9~$_MQ$H$7$F!"30It$K9=C[0MMj$r$7$F$*$j$^$7$?J,;6%-%c%C%7%e%5!<%P! $B$&$R$c$"!#(B
    $B!{:#8e$NBP:v!'(B
    $B30It$K9=C[!&4IM}0MMj$7$F$$$?$?$a!"CQ$:$+$7$J$,$iJ@@\A`:n$,$G$-$J$+$C$?!"%3%_%e%K%1!<%7%g%s$,$&$^$/J$70QBw7@Ls$r8+D>$9$J$IAa5^$JBP:v$r$H$j$^$9!#(B

    $BL5NA%5!<%P!<$N4IM}BN@)$K$D$$$F$G$9$,!"8=e$KIQH/$9$k5,Ls0cH?$X$NBP1~LdBj$J$I$G%3%9%H$OA}2C$9$k0lJ}$G!"$+$D!"4IM}$K$*$1$kLdBj$bH/@8$9$k>u67$K$J$C$F$*$j$^$9!#$^$?!"$4MxMQ$N$*5RMM$K$b$4LBOG$r$*3]$1$9$k$N$O7h$7$F5v$5$l$^$;$s$,!"$=$l0J30$N30It$NJ}$K$b$4LBOG$r$*3]$1$9$k5v$5$l$J$$>u67!JLBOG%a!<%k!"%9%Q%`%V%m%0Ey!9!K$,A}$($D$D$"$j$^$9!#@5Ev$JM}M3$K$O$J$j$^$;$s$,!"L5NA%5!<%P!?=$7>e$2$^$7$F!"@V;z$H$J$C$F$$$k$?$a!"$J$k$Y$/%3%9%H:o8:$r9T$$!"$=$N0l4D$G30It0QBw$KMj$k>u67$,$"$j$^$9!#$?$@!"$3$l$i$O!"$*5RMM$KBP$9$kIT5CN$7$F$*$j$^$9!#(B

    8$B7n$K$FL5NA%5!<%P!<3+;O$+$i(B8$BG/$H$J$j$^$9!#3+;O$+$i!"$+$l$3$l(B8$BG/$b$N4V!"$*IU$-9g$$$$$?$@$$$F$$$kJ}$b$$$i$C$7$c$$$^$9!#K\Ev$K$"$j$,$H$&$4$6$$$^$9!#=@Fp$JBP1~$r$H?4$,$1$F$$$^$9$,!":Y$+$$BP1~$,$G$-$J$/$J$C$?$j!"Cf!9%9%?%C%U$N!">/$7$:$D$G$9$,!"8+D>$7!"2~A1$r?^$k=jB8$G$9!#:#8e$O!"4X78e$N:FE0Dl$r?^$k$H6&$K!"=y!9$K<+
  • $BL5NA%[%9%F%#%s%0!V(BXREA$B!W$N9-9p$K%&%$%k%9$X$N%j%s%/$,:.F~(B (Internet Watch, 2008.06.18)

2008.08.10 $BDI5-(B:

$B!!$^$?%d%i%l$F$?$s$8$c$J$$$+$H$$$&OC$,$"$k$=$&$G(B: $B%"%+%&%s%H%O%C%/BP:v!&%;%-%e%j%F%#(B $BAm9g%9%l(B #667$B!A(B (mmobbs.com)$B!#$$$A#F#F%W%l%$%d!<$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B (typo fixed: $B$$$A%M%H%2%U%!%s$5$s46

2008.08.11 $BDI5-(B:

$B!!4XO">pJs!#$$$A#F#F%W%l%$%d!<$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B"#(B 2008.06.12

$B"#(B $BDI5-(B

Microsoft 2008 $BG/(B 6 $B7n$N%;%-%e%j%F%#>pJs(B

$B!!(BMS08-031 - IE $BN_@QE*(B patch $B$GD>$C$F$$$kHs%;%-%e%j%F%#$J7g4Y$O!"(BKB950759 $B$K$h$k$H(B 4 $B$D!#(B

$B"#(B DNS$B$,Jz$($k%j%9%/$H:G?7BP1~:v!A(BDNS$B$N0BDj1?MQ$K8~$1$F(B
(Internet Watch, 2008.06.12)

BIND 9.5$B$G%-%c%C%7%e%]%$%:%K%s%0BP:v$H$7$Fl9g$J$I$N

$B!!$($C(B! $B$H;W$C$F(B BIND 9 Administrator Reference Manual (BIND 9.5 $BBP1~HG(B) $B$r8+$k$H!"(B Chapter 6. BIND 9 Configuration Reference $B$K(B use-queryport-pool / queryport-pool-ports / queryport-pool-updateinterval $B$,$"$k$J$"!#%G%U%)%k%HM-8z!#(B

$B"#(B The "clean all" command in the diskpart.exe utility does not delete all the data on a disk on a Windows Server 2003-based computer
(Microsoft, 2008.06.11)

$B!!(BWindows Server 2003 $B$N(B diskpart $B$G(B clean all $B$rpJsO31H$r>7$-$+$M$J$$!#(B

$B!!(BVirtual Disk Service (VDS) $B%5!<%S%9$,Ie$C$F$$$k$=$&$G!"(BWindows Server 2003 SP1 / SP2 $BMQ$N(B HotFix $B$,$"$k$=$&$G$9!#(B

$B"#(B $B$$$m$$$m(B (2008.06.12)
(various)

2008.09.09 $BDI5-(B:

$B!!(BCORE-2008-0125: CitectSCADA ODBC service vulnerability $B$N7o!"(BMetasploit $B%b%8%e!<%k$H$7$F(B exploit $B$,8x3+$5$l$?LOMM!#(B

$B"#(B 2008.06.11

$B"#(B SNMPv3 $B$rZ2sHr$N@H
(JPCERT/CC, 2008.06.11)

$B!!(BSNMPv3 $B$NG'>Z5!G=$rZ=hM}$rMF0W$KDL2a$7$F$7$^$&$h$&$J96N,%Q%1%C%H$r:n@.$9$k$3$H$,2DG=!#$?$@$7!"%f!<%6L>$rCN$C$F$$$J$$$H967b$G$-$J$$!#(B CVE-2008-0960

$B"#(B Microsoft 2008 $BG/(B 6 $B7n$N%;%-%e%j%F%#>pJs(B
(Microsoft, 2008.06.11)

$B!!M=Dj$I$*$j$K%j%j!<%9$5$l$?$h$&$G$9!#6[5^(B x 3$B!"=EMW(B x 3$B!"7Y9p(B x 1$B!#(B

$B!!4XO"(B:

2008.06.12 $BDI5-(B:

$B!!(BMS08-031 - IE $BN_@QE*(B patch $B$GD>$C$F$$$kHs%;%-%e%j%F%#$J7g4Y$O!"(BKB950759 $B$K$h$k$H(B 4 $B$D!#(B

2008.06.15 $BDI5-(B:

$B!!4XO"(B:

2008.06.20 $BDI5-(B:

$B!!(BMS08-030 - $B6[5^(B: Bluetooth $B%9%?%C%/$N@H $B$N!"(BWindows XP SP2 / SP3 $BMQ$N=$@5%W%m%0%i%`$,:F%j%j!<%9$5$l$F$$$^$9!#(B Windows XP x64 Edition / x64 Edition SP2 $BMQ$N=$@5%W%m%0%i%`$OJQ2=$J$7$G$9!#(B

$B$J$
Windows XP Service Pack 2 $B$*$h$S(B Windows XP Service Pack 3 $B$K1F6A$r5Z$\$9LdBj$N$?$a!"%^%$%/%m%=%U%H$O(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#>pJs(B MS08-030 - Bluetooth $B%9%?%C%/$N@HpJs(B MS08-030 $B$GDs6!$7$?(B Windows XP Service Pack 2 $B$*$h$S(B Windows XP Service Pack 3 $BMQ$N99?7%W%m%0%i%`$O$3$N%;%-%e%j%F%#>pJs$G@bL@$7$F$$$k@H$N%P!<%8%g%s$K$D$$$F$O!"$3$N%;%-%e%j%F%#>pJs$G@bL@$7$F$$$kLdBj$KBP$9$kJ]8n$rDs6!$7$^$9!#(B
$B%^%$%/%m%=%U%H$O(B Windows XP Service Pack 2 $B$*$h$S(B Windows XP Service Pack 3 $B$K1F6A$r5Z$\$9%;%-%e%j%F%#99?7%W%m%0%i%`$N2~D{HG$rDs6!$9$k$3$H$r$*CN$i$;$9$k$?$a$K!"$3$N%;%-%e%j%F%#>pJs$r:F8x3+$7$^$7$?!#(BWindows XP Service Pack 2 $B$*$h$S(B Windows XP Service Pack 3 $B$rpJs$G:G=i$KDs6!$7$?%*%j%8%J%k$N%;%-%e%j%F%#99?7%W%m%0%i%`$r4{$KE,MQ$7$F$$$k$*5RMM$O!"$5$i$J$kA

$B!!4XO"(B: MS08-030 - $B99?7%W%m%0%i%`(B V2 ($BF|K\$N%;%-%e%j%F%#%A!<%`(B, 2008.06.20)

$B"#(B 2008.06.10

$B"#(B $BDI5-(B

X.Org security advisory: multiple vulnerabilities in the X server

$B!!(BJVN#88935101 - X.Org Foundation $B@=(B X $B%5!<%P$K$*$1$k%P%C%U%!%*!<%P!<%U%m!<$N@H (JVN, 2008.06.10)$B!#(BCVE-2008-0006 - PCF Font parser buffer overflow $B$N7o!#(B

$B$$$m$$$m(B (2008.06.05)

$B!!(BLow-risk vulnerability in kl1.sys driver is closed (kaspersky, 2008.06.03) $B$N7o!"F|K\8l>pJs$,=P$F$$$^$7$?!#(B kl1.sys$B%I%i%$%P$N@H (kaspersky.co.jp, 2008.06.09)

Windows XP SP3$B$N%l%8%9%H%jGKB;LdBj!"%^%$%/%m%=%U%H:n@.$N(Bexe$B%U%!%$%k$,860x(B

$B!!(B Windows XP SP3$B$N%l%8%9%H%jGKB;LdBj!"%7%^%s%F%C%/$,BP1~%=%U%H$r%j%j!<%9!!(B $B!V(BNorton$B$N0lIt5!G=$b860x!W$H@UG$$N0lIt$rG'$a$k(B (computerworld, 2008.06.09)$B!#$J$s$@!"7k6I(B Norton $B$b%"%l$@$C$?$s$8$c$s!#(B $B;2>H(B: FAQ: Upgrading to Windows XP Service Pack 3 or Windows Vista Service Pack 1 with your Norton 2008 product installed (Symantec, 2008.06.05)

$B"#(B About the security content of QuickTime 7.5
(Apple, 2008.06.09)

$B!!(BQuickTime 7.5 $BEP>l!#(B5 $B

  • PICT $B2hA|$N=hM}$K7g4Y$,$"$j!"96N,(B PICT $B%U%!%$%k$r;H$C$FG$0U$N%3!<%I$rCVE-2008-1581

  • AAC $B%(%s%3!<%I$5$l$?%a%G%#%"$N=hM}$K$*$$$F%a%b%jGK2u$,H/@8$9$k7g4Y$,$"$j!"96N,(B AAC $B%a%G%#%"$r;H$C$FG$0U$N%3!<%I$rCVE-2008-1582

  • PICT $B2hA|$N=hM}$K$*$$$F(B heap buffer overflow $B$9$k7g4Y$,$"$j!"96N,(B PICT $B%U%!%$%k$r;H$C$FG$0U$N%3!<%I$rCVE-2008-1583

  • Indeo video codec $B$,;\$5$l$?(B movie $B%U%!%$%k$N=hM}$K$*$$$F(B stack buffer overflow $B$9$k7g4Y$,$"$j!"96N,(B Indeo video codec movie $B$r;H$C$FG$0U$N%3!<%I$rCVE-2008-1584

  • QuickTime $B$K$*$1$k(B file: URL $B$N=hM}$K7g4Y$,$"$j!"96N,(B QuickTime $B%3%s%F%s%D$r(B QuickTime Player $B$G:F@8$9$k$H!"G$0U$N%"%W%j%1!<%7%g%s$*$h$S%U%!%$%k$,CVE-2008-1585

$B!!(BQuickTime $B%@%&%s%m!<%I%Z!<%8(B$B$C$F!"%9%/%j%W%H$rM-8z$K$7$J$$$H(B Windows $BHG$r(B get $B$G$-$^$;$s$M!D!D!#(B

$B"#(B 2008.06.09

  • $B!U(B SANS Future Visions Tokyo 2008$B!#(B 2008.07.01$B!A(B02$B!"El5~ET9A6h!"%;%C%7%g%s;22C$OL5NA!#%H%l!<%K%s%0$OM-NA!#(B

    • $B"#(B 2008.06.08

    $B"#(B 2008.06.07

    $B"#(B 2008.06.06

    $B"#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#>pJs$N;vA0DLCN(B - 2008 $BG/(B 6 $B7n(B
    (Microsoft, 2008.06.06)

    $B!!$b$&$=$s$J5(@a!#(B

    • Bluetooth
    • Internet Explorer
    • DirectX
    • WINS
    • Active Directory
    • PGM
    • killbit

    $B!!(BPGM $B$C$F2?(B? Reliable Multicast Programming (PGM) (MSDN) $B$N$3$H(B?

    This section describes the Pragmatic General Multicast (PGM) multicast protocol implementation in Windows, often referred to as reliable multicast. Reliable multicast is implemented through Windows Sockets in Windows Server 2003 and later.
    Windows XP: PGM is only supported when Microsoft Message Queuing (MSMQ) 3.0 is installed.

    $B!!4XO"(B: 2008$BG/(B6$B7n$N%;%-%e%j%F%#%j%j!<%9M=Dj(B ($BF|K\$N%;%-%e%j%F%#%A!<%`(B, 2008.06.06)$B!#(BPGM $B$O>e5-$N$H$*$j$G$h$$$h$&$G$9!#(B

    $B"#(B 2008.06.05

    $B"#(B SKYPE-SB/2008-003: Skype File URI Security Bypass Code Execution Vulnerability
    (Skype, 2008.06.04)

    $B!!(BSkype for Windows 3.8.*.115 $B0JA0$K7g4Y!#(BSkype for Windows $B$K$*$1$k(B file: URI $B$N07$$$K7g4Y$,$"$j!"96N,(B file: URI $B$r%/%j%C%/$9$k$HG$0U$N%3!<%I$,CVE-2008-1805 CVE-2008-2545

    $B!!(BSkype for Windows 3.8.0.139 $B$G=$@5$5$l$F$$$k!#(B

    $B"#(B $B$$$m$$$m(B (2008.06.05)
    (various)

    2008.06.10 $BDI5-(B:

    $B!!(BLow-risk vulnerability in kl1.sys driver is closed (kaspersky, 2008.06.03) $B$N7o!"F|K\8l>pJs$,=P$F$$$^$7$?!#(B kl1.sys$B%I%i%$%P$N@H (kaspersky.co.jp, 2008.06.09)

    $B"#(B $BDI5-(B

    $BIT@5%"%/%;%9$KH<$&$*5RMM>pJsN.=P$K4X$9$k$*OM$S$H$*CN$i$;(B

    $B!!(B$B8D?M>pJsN.=P$K4X$9$kJdB-$N$*CN$i$;(B ($B%5%&%s%I%O%&%9(B, 2008.06.04)$B!#%/%l%8%C%H%+!<%I$O$^$@;H$($^$;$s$,!"$b$&$9$0;H$($k$h$&$K$J$k$C$]$$(B?

    $BB~:#%/%l%8%C%H%+!<%I2q

    $B!!$"$H!"!V%W%l%9%j%j!<%9$rH/I=$7$?M}M3!W$,6=L#?<$$$G$9$M$(!#(B

    $B$=$l$K$OBg$-$/#2$D$NM}M3$,$"$j$^$7$?!#$^$:!"Ho32$N>\:Y$r%;%-%e%j%F%#2q $B!!$b$&0l$D$NM}M3$O!"%/%l%8%C%H%+!<%I2q

    $B!!!V$b$&0l$D$NM}M3!W$NJ}$,5-=RNL$,B?$$$G$9$M!D!D!#$d$C$Q$j$=$A$i$,

    $B!!J@e$2$N(B3$B3dDxEY$G$"$j!"6H3&$N:GBgl$+$i!"22$9$k$3$H$J$/!"%/%l%8%C%H%+!<%I2q

    $B!!!VGd$j>e$2$N(B3$B3dDxEY!W$G$7$+$J$$$N$K!"MxMQ:F3+$N$?$a$K$+$1$J$1$l$P$J$i$J$$%3%9%H$,Bg$-$9$.$k!"$H$$$&$3$H$J$N$@$m$&$J$"!#(B

    $B"#(B 2008.06.04

    $B"#(B 2008.06.03

    $B!!$=$b$=$b!V(BOATH $B$K=`5r$7$?!W$H$$$&$N$,0UL#ITL@$@$J!D!D!#(B $BA4A3(BMITM$B$NOC$8$c$J$$(B$B$H$$$&OC$b!#(B

  • $B!U(B WSUS 2.0 SP1 $B$+$i$N%"%C%W%0%l!<%I$K$D$$$F(B (Japan WSUS Support Team Blog, 6/3)$B!#(B WSUS 2.0 SP1 $B"*(B WSUS 3.0 SP1 $B$X$N%"%C%W%0%l!<%I;~$NCm0UE@0lMw!#;29M$K$J$k$J$"!#(B

  • $B!U(B $B%"%+%\%&%/%8%i!':,<<$K#2F,I:Ce!!@x?e4O2;GH$GFb<*B;=}$+(B ($BKhF|(B, 6/2)

  • $B!U(B $BJl?F!"%?%9%]$r#1#5:PB);R$KB_$7$?5?$$!!A49q$G=i$NE&H/(B (asahi.com, 6/2)$B!#!VL$@.G/

    $B!!4XO"(B: $B!V%?%9%]B_$7$^$9!W!DGd$j>e$26l@o$N%[%F%k$d5o ($BFIGd(B, 5/31)$B!#2?$3$l!D!D!#(B

  • $B!U(B $B>pJs%b%i%k7pJs%b%i%k$H?M8"$X$NG[N8(B$B!#(B 2008.07.17$B!";0=E8)DE;T!"L5NA!#(B $BB>$N>l=j$G$b$d$C$F$^$9(B$B!#(B

  • $B!U(B $B;37A8)4p449bB.DL?.%M%C%H%o!<%/$,(B 6/2 $B$KA4LLDd;_$M$?(B$B!#(B taka $B$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#:#$OD>$C$F$$$k$=$&$G$9!#(B

    • $B%f!<%6;vNc(B: $B;37A8)!!8)FbA40h$X$N%5!<%S%9$r= (Cisco)$B!#9=@.?^$"$j!#(B2002 $BG/$K(B Catalyst6509 $B$G(B 1Gbps $B$H$$$&$H!"$B8)D#!'9bB.DL?.%M%C%HA4LLDd;_!!EE;RF~;%$J$I$KMxMQ!!!?;37A(B ($BKhF|(B, 6/3)$B!#>e5-%f!<%6;vNc$N9=@.?^$,;29M$K$J$k!#(B
      $B!!8)>pJs4k2h2]$K$h$k$H!"#3#0F|$KB<;3Am9g;YD#$GF1MM$N>c32$,H/@8!#8N>c8D=j$rFCDj$7!"#2F|$K=$M}$r;O$a$?$,!";YD#$H%M%C%H%o!<%/$G$D$J$,$k8)D#%a!<%s%9%$%C%A$K>c32$,9-$,$j!"$5$i$K#4;YD#$9$Y$F$K1F6A$,9-$,$C$?!#(B
      $B=$M}%_%9(B?
    • $B;37A8)$NDL?.%M%C%H%o!<%/$K>c32(B ($B%K%C%+%s%9%]!<%D(B, 6/2)
      $B!!F1F|8aA0#8;~H>$4$m!"B<;3Am9g;YD#!J;37A;T!KFb$N%M%C%H%o!<%/$KIT6q9g$,H/@8!#Ck$4$m$K=$I|:n6H$r$7$F$$$?$H$3$m!"4p44%M%C%H%o!<%/$,FMA3%@%&%s$7$?$3$H$+$i!"8)$O4XO"$rD4$Y$F$$$k!#(B
      $B$"$l(B? $BF|IU$,0c$&!D!D(B
    • $B8)$GD9;~4V%7%9%F%`>c32(B (NHK)
      $B8)$,D4$Y$?$H$3$m!"%7%9%F%`$NDL?.5!G=$r4IM}$9$k5!4o$K>c32$,$"$C$?$3$H$,$o$+$j!"H/@8$+$i#7;~4V6a$/$?$C$?!"#2F|8a8e#7;~$4$m$+$iI|5l:n6H$r;O$a!"#3F|D+$^$G$KBgItJ,$,I|5l$7$^$7$?!#(B
      $BJ?@.#1#4G/$K@0Hw$5$l$?$3$N%7%9%F%`$G$3$l$[$ID9;~4V$K$o$?$j>c32$,H/@8$7$?$N$O=i$a$F$G$9!#(B
    • $B;37A8)(B
      6$B7n(B2$BF|(B($B7n(B)$B8a8e(B0$B;~(B10$BJ,$4$m$+$i!";37A8)4p449bB.DL?.%M%C%H%o!<%/$N>c32H/@8$KH<$$!";37A8)%[!<%`%Z!<%8$N99?7$,$G$-$J$$>uBV$,B3$$$F$*$j$^$7$?!#(B
      6$B7n(B3$BF|(B($B2P(B)$B8aA0(B7$B;~$4$m$KI|5l$7!"8=:_$ODL>o$I$*$j2TF0$7$F$$$^$9!#(B
      $BMxMQ $B;37A8)$+$i$N>pJs8x3+$O$3$l$@$1$NLOMM!#(B

  • $B!U(B $B2F$OK!0a!&76:@$J$7$G#O#K!"!HANN7HG%/!<%k%S%:!I;O$^$k(B ($BFIGd(B, 6/2)$B!#$I$3$NOC$+$H;W$C$?$i!"@>K\4j;{$8$c$J$$$+!#(B

  • $B!U(B Secunia PSI RC2 $B$,=P$F$$$^$9!#(Bchangelog$B!#(BSecunia PSI $B$O0lEY;H$&$H$d$a$i$l$J$$$G$9!#(B

    $B!!4k6H8~$1%P!<%8%g%s$G$"$k(B Secunia NSI 2.0 $B$b=P$F$$$k$s$G$9$M!#(B1 $BBf$"$?$j(B 20 $B%f!<%m(B / $BG/(B $B$@$=$&$G$9!#(B

  • $B!U(B $B%P%J%J$h$5$h$&$J$i(B -- $B%Q%J%^IB$N5U=1(B (slashdot.jp, 6/2)$B!#%[%`%H%s%P%J%J$H$$$&$b$N$,$"$k$N$+!D!D!#(B $B4XO"(B: $B%P%J%JNAM}$N%P%J%J(B ($BCgNI$-$3$H$O%P%J%J$+$J(B)

  • $B!U(B $B$f$:%=%U%HJ}LL(B$B!#$d$C$Q$j(B ARP spoof $B$J$N$+$J$"!#(B

    $B!!(B$B$D$E$-$O$3$A$i(B

  • $B!U(B $B%5%$%H5,@)!'!VM-32!WL14V$,H=CG!D<+L1$HL1 ($BKhF|(B, 6/3)$B!"(B$B%5%$%H5,@)!'6H3&$NEXNO$K4|BT!D!V9q4XM?GS=|!W<+L1$,>yJb(B ($BKhF|(B, 6/3)

    $B!!>GE@$H$J$C$?!V2?$,M-32>pJs$KEv$?$k$+!W$NA*JL4p=`$O!"7{K!$,Dj$a$k!VI=8=$N<+M3!W$KG[N8$7!"L14V$NBh;0pJsE}@)$K$"$?$k!W$H6/$/H?H/$7$?$3$H$+$i!"=$@50F$G$O9q$N4XM?$rGS=|$7$?!#(B
    $B!!$?$@$7!"%U%#%k%?%j%s%0$N5!G=8~>e$d5;=Q3+H/$J$I$K$D$$$F$O!"L14VCDBN$,9q$KEPO?$7!">pJs8r49$r1_3j$K?J$a$k$3$H$J$I$b@9$j9~$s$@!#(B

    $B!!4XO"(B:

    • $B"#(B $B$$$m$$$m(B (2008.06.03)
    (various)

    $B"#(B 2008.06.02

    $B"#(B FFFTP $B$N(B FTP $B%/%i%$%"%s%H$K$*$1$k%G%#%l%/%H%j%H%i%P!<%5%k$N@H
    (vuln.sg, 2008.05.31)

    $B!!(BFFFTP 1.96b ($B:G?7HG(B) $B$K7g4Y!#(B .. $B%P%0(B ($B%G%#%l%/%H%j2#CG%P%0(B) $B$,$"$j!"96N,(B FTP $B%5!<%P$K%"%/%;%9$9$k$H!"%U%!%$%k$N%@%&%s%m!<%I$K$*$$$F!"G$0U$N>l=j$K%U%!%$%k$r%@%&%s%m!<%I$5$;$i$l$k62$l$,$"$k!#(B CVE-2008-6424

    $B!!=$@5HG$O3+H/Cf!#(B

    2008.08.28 $BDI5-(B:

    $B!!(BFFFTP 1.96c $B$G=$@5$5$l$^$7$?!#(B $BHx>e$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

    [$B%;%-%e%j%F%#%[!<%k(B memo]
    $B;d$K$D$$$F(B