Security Hole memo - 2009.11

Last modified: Mon Jun 13 12:14:55 2011 +0900 (JST)


Before using the information on this page, please read the notice.


■ 2009.11.30

■ Updates

Microsoft Security Essentials Beta

"IE won't start." (パソコントラブル出張修理・サポート日記, 2009.11.23).

I came to think that the real significance of this software may lie in other […]

Exactly as you say. Do also read things like "Microsoft's person in charge […]" (Internet Watch, 2009.10.27).

■ Release of "MyJVN Version Checker," which lets you check product versions with a few simple steps
(IPA, 2009.11.30)

MyJVN Version Checker is finally out, folks! Few products are supported so far, and there seems to be no feature that would let you pile on your own additions by writing OVAL definitions. A pity.

I tried it out.

2010.01.06 update:

"Evaluating a free 'software up-to-date status inspection tool' that enterprises can use: at the end of November IPA released the free tool 'MyJVN Version Checker'" (Nikkei IT Pro, 2010.01.05). […]


■ 2009.11.29

■ Updates


■ 2009.11.27

■ Updates


■ 2009.11.26

■ [Full-disclosure] Cacti 0.8.7e: Multiple security issues
(Moritz Naumann, 2009.11.26)

Cacti 0.8.7e (the latest version) has multiple XSS flaws. An official patch is out. CVE-2009-4032 CVE-2009-4112

2009.12.28 update:

Verification report on multiple vulnerabilities in Cacti (NTT Data Security, 2009.12.01)


■ 2009.11.25

■ New variant of the information-gathering "BEBLOH" […] commits fraud
(Trend Micro, 2009.11.09)

I wonder whether this is the kind of thing Masakazu Takahashi of Microsoft was talking about at Internet Week.

■ Updates

■ Opera 10.10 (Opera Unite) for Windows changelog
(Opera.com, 2009.11.23)

Opera 10.10 is out. The Opera Unite feature has been made official. Also, three security fixes.

■ Miscellaneous (2009.11.25)
(various)

■ BIND 9 Cache Update from Additional Section
(ISC, 2009.11.23)

Yet another flaw in bind. The flaw manifests when DNSSEC validation is enabled: under certain conditions, the additional section contained in a DNS response gets recorded in the cache.

Fixed in bind 9.4.3-P4, 9.5.2-P1 and 9.6.1-P2. CVE-2009-4022

JPRS has put one out too: "BIND 9 vulnerability […]" - (JPRS, 2009.11.25)

2009.12.06 update:

JVNVU#418861: Vulnerability in BIND 9 DNSSEC validation processing (JVN, 2009.12.03)


■ 2009.11.24

Akihabara today. ...Ah, I should have mixed in the Share DoS story (since the topic was cloud). I regret that.

■ Updates


■ 2009.11.23

■ Updates


■ 2009.11.22

■ IE6 and IE7 0-Day Reported
(SANS ISC, 2009.11.22)

A 0-day flaw in Microsoft HTML Viewer (mshtml.dll) that affects IE 6 / IE 7. This is the "IE7" post (bugtraq, 2009.11.21). There is, of course, no patch yet.

2009.11.24 update:

The advisory is out: Microsoft Security Advisory (977981): Vulnerability in Internet Explorer […] (Microsoft, 2009.11.24). IE 5.01 / 8 have been confirmed not to be affected. CVE-2009-3672. Thanks to Ilion for the information.

2009.11.25 update:

Related:

2009.11.29 update:

IE vulnerability […], security experts urge caution (ComputerWorld.jp, 2009.11.26)

2009.12.10 update:

Fixed in MS09-072 - Critical: Cumulative Security Update for Internet Explorer (976325) (Microsoft).

Related: [Full-disclosure] iDefense Security Advisory 12.08.09: Microsoft Internet Explorer HTML Layout Engine Uninitialized Memory Vulnerabilit

■ Miscellaneous (2009.11.22)
(various)

■ Email address […] in a specific domain (keroro.com) of the Windows Live Hotmail service
(MSN, updated 2009.11.16)

At "Keroro Gunso × WindowsLive joint 10th-anniversary special: addresses are first come, first served!♪" (msn.com), duplicate […] of email addresses […] takeover […] information leakage / privacy […]

＜Details of the defect＞
Period of occurrence: October 28 to November 12, 2009 (Japan time).

Affected email addresses: between September 7 and November 12, 2009, at *@keroro.keroro.com, *@giroro.keroro.com, *@tamama.keroro.com, *@kululu.keroro.com, *@dororo.keroro.com […]

Judging from the announcement alone, the impact of the flaw […]

If you are a user who believes you have experienced the issue described above, we are very sorry […] please describe the problem in the "Other information useful for verifying […]" field.)

Regarding this matter, I have received mail from a reader who wished to write in (thank you):

On November 5 I noticed that I could no longer log in to Messenger with the account in question and contacted Microsoft; after several email exchanges […] an email in the name of […] arrived, and I am astonished.
(The defect notice itself is dated the 16th... and although I am one of the five people who made inquiries, I am indignant that they did not email me sooner...)

Microsoft's handling seems to be a shambles. Even in the announcement,

We […]

it says only that "we are working toward a resolution," and for users […]. Perhaps the situation is such that it has to be handled case by case, though.

Inquiries from users about this matter: 5 (as of November 12)
(snip)
(Updated 2009.11.16)

Normally one would state the number as of the last update, I would think...


■ 2009.11.20

■ PHP 5.3.1 Release Announcement
(PHP.net, 2009.11.19)

It's out. There is duly a section titled Security Enhancements and Fixes.

■ Updates

Mouse cursor on a black screen (Win32/Daonol)

I checked our logs for the IP addresses pointed out by LAC and found 2 cases of suspected infection. In one of them, VirusScan Enterprise […]

Related:


■ 2009.11.19

■ Updates

■ Google Chrome Frame Update (4.0.245.1): Bug Fixes
(Google Chrome Release blog, 2009.11.18)

Google Chrome Frame 4.0.245.1, the plug-in that upgrades IE to the equivalent of "Chrome," has been released. It includes a security fix.

Security Fix
Google Chrome Frame 4.0.223.9 and earlier versions were vulnerable to a cross-origin bypass.

Severity: High. An attacker could have bypassed cross-origin protections. Although important, "High" severity issues do not permit persistent malware to infect a user's machine. We're unaware of any exploitation of this issue.

Apparently it was reported by Microsoft.

Credit: Thanks to Billy Rios and Microsoft Vulnerability Research (MSVR) and also to Lostmon for finding and reporting this vulnerability responsibly.

■ 2009.11.18

■ Updates


■ 2009.11.17

■ Updates

Web Application Security You Won't Find in Textbooks

Related: innerHTML deficiency in Firefox 2.0.0.20 (hoshikuzu | star_dust の書斎, 2009.11.17)

* On 2009/2/27, "[This is awful] IE's interpretation of quotation marks […] had the timing been a little earlier, it would mean that similar bugs existed in Opera and Firefox. Incidentally, Opera was the one fixed first. (;-p)

Mouse cursor on a black screen (Win32/Daonol)

Sunshine Farm (サンシャイン牧場) item billing

"Rekoo, of Sunshine Farm, sets up a Japanese subsidiary; on the information leak" (水無月ばけらのえび日記, 2009.11.16)


■ 2009.11.16

■ Miscellaneous (2009.11.16)
(various)

■ Updates

■ Why does Apple try to interfere with Windows AutoRun?
(ZDNet, 2009.11.16)

Because it's Apple.

Will it take Apple 5 years, 10 years, or even 25 years to understand the dangers of AutoRun?

One vote for "won't understand even after 25 years."


■ 2009.11.15

■ Updates

■ WordPress 2.8.6 Security Release
(WordPress.org, 2009.11.12)

An XSS flaw and the issue reported in [Full-disclosure] WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution have reportedly been fixed.

2009.11.23 update:

Verification report on the WordPress file.php vulnerability (NTT Data Security, 2009.11.19)


■ 2009.11.14

■ Updates


■ 2009.11.13

■ Windows 7 / Windows Server 2008 R2 Remote SMB Exploit
(SANS ISC, 2009.11.12)

■ Updates

Microsoft Security Bulletins for March 2009

Renegotiating TLS

Stealing Cookies with SSL Renegotiation (IBM ISS, 2009.11.12)

Stable Channel Update: Google Chrome 3.0.195.32

Google Chrome 3.0.195.33 is out. It appears 3.0.195.32 had a bug that made it fail to start.

It also includes a security fix. CVE-2009-2816

Microsoft Security Bulletins for November 2009

Reportedly, the MS09-065 patch combined with an old ATI Radeon HD 2400 driver causes problems.

To deal with it: boot into safe mode and temporarily uninstall the MS09-065 patch, reboot and update the Radeon driver, then reinstall the MS09-065 patch.

Mouse cursor on a black screen (Win32/Daonol)

The Gumblar system (viruslist.com, 2009.11.11). A structural analysis of the new Gumblar.

Why is Gumblar so widespread? The answer is quite simple: it's a fully automated system. It's a new generation of self-building botnets.

■ 2009.11.12

■ Microsoft Security Bulletins for November 2009
(Microsoft, 2009.11.11)

MS09-063 - Critical: Vulnerability in Web Services on Devices API […]

MS09-064 - Critical: Vulnerability in License Logging Server […]

MS09-065 - Critical: Vulnerabilities in Windows Kernel-Mode Drivers […]

Flaws in Windows 2000 / XP / Server 2003 / Vista / Server 2008. There are three flaws in the Windows kernel.

  • Win32k NULL Pointer Dereference Vulnerability - CVE-2009-1127

    Exploitability Index: 2

  • Win32k Insufficient Data Validation Vulnerability - CVE-2009-2513

    There is a flaw in the validation of user input passed through the GDI kernel component, […] arbitrary code […]

  • Win32k EOT Parsing Vulnerability - CVE-2009-2514

    Viewing a page rendered with a crafted Embedded OpenType (EOT) font […] arbitrary code […]

MS09-066 - Important: Vulnerability in Active Directory […]

MS09-067 - Important: Vulnerabilities in Microsoft Office Excel […]

Eight flaws in Excel 2002 / 2003 / 2007, Office 2004 / 2008 for Mac, Open XML File Format Converter for Mac, Excel Viewer, and the Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats.

  • Excel Cache Memory Corruption Vulnerability - CVE-2009-3127

    This attack can be avoided by using the Microsoft Office Isolated Conversion Environment (MOICE). Exploitability Index: 2

  • Excel SxView Memory Corruption Vulnerability - CVE-2009-3128

    This attack can be avoided by using the Microsoft Office Isolated Conversion Environment (MOICE). Exploitability Index: 2

  • Excel Featheader Record Memory Corruption Vulnerability - CVE-2009-3129

    This attack can be avoided by using the Microsoft Office Isolated Conversion Environment (MOICE). Exploitability Index: 1

    Related: Microsoft Excel FEATHEADER Record Memory Corruption Vulnerability (iDefense, 2009.11.10)

  • Excel Document Parsing Heap Overflow Vulnerability - CVE-2009-3130

    Exploitability Index: 1

  • Excel Formula Parsing Memory Corruption Vulnerability - CVE-2009-3131

    Exploitability Index: 1

  • Excel Index Parsing Vulnerability - CVE-2009-3132

    Exploitability Index: 2

  • Excel Document Parsing Memory Corruption Vulnerability - CVE-2009-3133

    Exploitability Index: 2

  • Excel Field Sanitization Vulnerability - CVE-2009-3134

    This attack can be avoided by using the Microsoft Office Isolated Conversion Environment (MOICE). Exploitability Index: 2

MS09-068 - Important: Vulnerability in Microsoft Office Word […]

2009.11.13 update:

Reportedly, the MS09-065 patch combined with an old ATI Radeon HD 2400 driver causes problems.

To deal with it: boot into safe mode and temporarily uninstall the MS09-065 patch, reboot and update the Radeon driver, then reinstall the MS09-065 patch.

2009.11.16 update:

Related to the old ATI Radeon HD 2400 driver issue: "MS09-065 (KB969947) kills a DELL OPTIPLEX 740" (水無月ばけらのえび日記, 2009.11.11)

Related to the Win32k EOT Parsing Vulnerability - CVE-2009-2514: Verification report on the vulnerability in Windows Embedded OpenType processing (NTT Data Security, 2009.11.16)

■ Updates

■ About the security content of Safari 4.0.4
(Apple, 2009.11.11)

Safari 4.0.4 is out. Multiple flaws have been fixed.

Component   CVE                            Target OS      Summary
ColorSync   CVE-2009-2804                  Windows        Arbitrary code execution via a crafted image
libxml      CVE-2009-2414 CVE-2009-2416    Windows, Mac   DoS
Safari      CVE-2009-2842                  Windows, Mac   Information disclosure
WebKit      CVE-2009-2816                  Windows, Mac   Cross-Site Request Forgery
WebKit      CVE-2009-3384                  Windows        Arbitrary code execution via a crafted FTP server
WebKit      CVE-2009-2841                  Windows, Mac   With the HTML 5 Media Element, remote audio and video files get loaded even when image loading is disabled

■ Miscellaneous (2009.11.12)
(various)


■ 2009.11.11

■ Updates

Miscellaneous (2009.10.09)

The Zen Cart issue: "Why doesn't e-commerce site software get updated?" (@IT, 2009.11.09)

■ APSB09-17: Workaround available for potential Photoshop Elements privilege escalation issue
(Adobe, 2009.11.10)

Flaw in Adobe Photoshop Elements 7.0 / 8.0. The DACL configured on the AdobeActiveFileMonitor service is flawed, allowing privilege escalation by a local user. CVE-2009-3489

This can be addressed by setting the service's DACL with the sc sdset command. The values to set are given in the Bulletin.

2009.11.23 update:

APSB09-17: Workaround published for the potential privilege escalation issue in Photoshop Elements (Adobe, 2009.11.18)


■ 2009.11.10

■ About Security Update 2009-006 / Mac OS X v10.6.2
(Apple, 2009.11.09)

A patch for Mac OS X 10.5.8 and Mac OS X 10.6.2 are out. It appears that support for Mac OS X 10.4.x has ended. As usual, the support policy is hard to make out.

2009.11.12 update:

Mac OS X v10.6.2 reportedly changes behavior on the POP side: "Mac OS X v10.6: After updating to 10.6.2, POP mail […]" (Apple, 2009.11.09). The dubious "feature" of "automatically trying another authentication method when authentication fails" has been removed, so people who relied on it are thrown into a fluster. Frankly they brought it on themselves, but the kind of person who gets caught by this […] that it is their own doing […]


■ 2009.11.09

■ Updates

Mouse cursor on a black screen (Win32/Daonol)

Related:

Sunshine Farm (サンシャイン牧場) item billing

"Zero's press release" (水無月ばけらのえび日記, 2009.11.07)

Renegotiating TLS

Related:

■ Notice to customers using the LAN-attached hard disk "HDL-GT / GTR / GTR2U" series
(IO DATA, 2009.11.09)

Some power supplies in IO DATA's LAN-attached hard disk "HDL-GT / GTR / GTR2U" series are defective and may emit smoke. Users should check the serial number and, if affected, update the firmware.


■ 2009.11.07


■ 2009.11.06

■ Renegotiating TLS
(extendedsubset.com, 2009.11.04 (v1.1))

A report that SSL / TLS renegotiation handling has a protocol-level flaw, so that man-in-the-middle attacks cannot be prevented over HTTPS. Hmm...

2009.11.09 update:

Related:

2009.11.13 update:

Stealing Cookies with SSL Renegotiation (IBM ISS, 2009.11.12)

2009.11.15 update:

TLS and SSLv3 vulnerabilities explained (g-sec.lu)

2010.02.13 update:

The RFC is out: RFC5746: Transport Layer Security (TLS) Renegotiation Indication Extension (IETF)

2010.02.15 update:

Microsoft Security Advisory (977377): Vulnerability in TLS/SSL […] (Microsoft, 2010.02.10). Applying the fix shown in "Microsoft Security Advisory: Vulnerability in TLS/SSL […]" (Microsoft KB 977377) disables SSL / TLS renegotiation. There are, of course, side effects.

The following software has been tested by Microsoft and confirmed to have problems when this update is installed.

* Windows 7 DirectAccess: the IP-HTTPS interface does not work.
* Exchange ActiveSync: does not work when client certificate authentication is used.
* Internet Information Services (IIS): IIS that uses client certificate authentication involving certain […] certificate-mapping scenarios is affected […] certificate authentication […] affected […]
* Internet Explorer: connections may fail when browsing a web site that requires plain client certificate authentication rather than site-wide client certificate authentication.

Based on the RFC above, […]

2010.02.25 update:

Details on the New TLS Advisory - Security Advisory 977377: Vulnerability in TLS Could Allow Spoofing (Microsoft Security Research & Defense, 2010.02.09)

2010.02.26 update:

OpenSSL 0.9.8m is out. It supports RFC5746. Thanks to iida for the information.

2010.03.03 update:

Opera 10.50 is out. It appears to support RFC5746.

2010.09.05 update:

Windows XP / Server 2003 / Vista / Server 2008 / 7 / Server 2008 R2 gain RFC5746 support by applying MS10-049 - Critical: Vulnerability in SChannel […].

2011.06.13 update:

Title: Renego: Popular, unpatched and vulnerable, an update (Opera, 2011.06.09). It seems server-side adoption is not progressing.

■ Vulnerability in the BlackBerry Desktop Manager allows remote code execution
(BlackBerry, 2009.11.04)

Flaw in the Lotus Notes Intellisync DLL used by BlackBerry Desktop Manager. An ActiveX issue. CVE-2009-0306

Fixed in BlackBerry Desktop Software version 5.0.1.

■ Stable Channel Update: Google Chrome 3.0.195.32
(Google Chrome Releases blog, 2009.11.05)

Google Chrome 3.0.195.32 is out. The following have been fixed.

  • JavaScript […]

  • Memory corruption occurs, […] arbitrary code […]

2009.11.13 update:

Google Chrome 3.0.195.33 is out. It appears 3.0.195.32 had a bug that made it fail to start.

It also includes a security fix. CVE-2009-2816

■ Microsoft Security Bulletin Advance Notification - November 2009
(Microsoft, 2009.11.06)

It's that season again. Critical x 3, Important x 3. Two of the Important ones are for Office (Excel and Word).

■ Updates

Mouse cursor on a black screen (Win32/Daonol)

Related:


■ 2009.11.05

■ Miscellaneous (2009.11.05)
(various)

■ APSB09-16: Security updates available for Shockwave Player
(Adobe, 2009.11.03)

Five flaws in Shockwave Player 11.5.1.601 and earlier (arbitrary code execution - CVE-2009-3463 CVE-2009-3464 CVE-2009-3465 CVE-2009-3466, DoS x 1 - CVE-2009-3244).

Fixed in Shockwave Player 11.5.2.602. Obtain it from http://get.adobe.com/shockwave/ […] it seems you can check at http://www.adobe.com/jp/shockwave/welcome

2009.11.12 update:

Japanese version:

■ Updates

F-Secure / Symantec / McAfee Generic PDF detection bypass

F-Secure official: Security Advisory FSC-2009-3 (F-Secure, 2009.10.29). Addressed via automatic update.

Sunshine Farm (サンシャイン牧場) item billing

On 2009.11.03-04, the "masugomi" (mass media) outlets […]

Related:

Mouse cursor on a black screen (Win32/Daonol)

Related:

Advance notification of Security Updates for Java SE

JDK and JRE 6 Update 17 / 5.0 Update 22 appear to be out. SDK and JRE 1.4.2_24 / 1.3.1_27 are past EOL, so they are not released to the general public.


■ 2009.11.04

■ Updates


■ 2009.11.02

■ Updates


■ 2009.11.01

■ Updates

APSB09-15: Security Advisory for Adobe Reader and Acrobat

Japanese version: APSB09-15: Security updates released for Adobe Reader and Acrobat (Adobe, 2009.10.30). But why does the Japanese-language release take this long every single time? […] Japanese users […]

Microsoft Security Bulletins for October 2009

The MS09-056 patch reportedly has side effects for Communications Server 2005 / 2007, and a fix has been released.

Sunshine Farm (サンシャイン牧場) item billing

Related: "Announcement about the problem with the Sunshine Farm billing system" (水無月ばけらのえび日記, 2009.10.31)

■ US-CERT warns of an app that eavesdrops on "BlackBerry" calls
(CNET, 2009.10.28)

This story:

