$B%;%-%e%j%F%#%[!<%k(B memo - 2010.07

Last modified: Thu Sep 29 12:27:53 2011 +0900 (JST)

$B!!$3$N%Z!<%8$N>pJs$rMxMQ$5$l$kA0$K!"(B$BCm0U=q$-(B$B$r$*FI$_$/$@$5$$!#(B

$B"#(B 2010.07.30

$B"#(B $B$$$m$$$m(B (2010.07.30)
(various)

$B"#(B $BDI5-(B

Announcing Coordinated Vulnerability Disclosure

$B!!(B$B!V6(D4E*$J@H ($BF|K\$N%;%-%e%j%F%#%A!<%`(B, 2010.07.28)

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) Windows $B%7%'%k$N@H

$B!!(BSophos $B$H(B G DATA $B$+$i!"L5=~$NBP:v%D!<%k$,8x3+$5$l$F$$$^$9!#(B

$B!!$"$H!"%^%k%&%'%"$$$m$$$m!#(B

$B"#(B 2010.07.29

$B"#(B About the security content of Safari 5.0.1 and Safari 4.1.1
(Apple, 2010.07.28)

$B!!(BSafari 5.0.1 / 4.1.1 $BEP>l!#>pJsO31L$d%&%$%k%9$N7$/!"7W(B 15 $B7o$N7g4Y$,=$@5$5$l$F$$$k!#(B

$B"#(B 2010.07.28

$B"#(B $B$$$m$$$m(B (2010.07.28)
(various)

$B"#(B CERT-FI Advisory on OpenLDAP
(CERT-FI, 2010.07.22)

$B!!(BOpenLDAP 2.4.22 $B0JA0$KJ#?t$N7g4Y$,$"$j!"(Bremote $B$+$i(B DoS $B967b$dG$0U$N%3!<%I$NZITMW!"BPOCE*A`:nITMW!#(B CVE-2010-0211 CVE-2010-0212

$B!!(BOpenLDAP 2.4.23 $B$G=$@5$5$l$F$$$k!#(B

2010.07.30 $BDI5-(B:

$B!!(BJVNVU#129889: OpenLDAP $B$KJ#?t$N@H (JVN, 2010.07.29)

$B"#(B $BDI5-(B

APSB10-07: Security Advisory for Adobe Reader and Acrobat

$B!!(BZbot and CVE2010-0188 (securelist.com, 2010.07.28)$B!#(B6 $B7nKv$+$i5^7c$KA}$($F$$$k!#(B

$B"#(B Google Chrome Stable Channel Update
(Google Chrome Release blog, 2010.07.26)

$B!!(BGoogle Chrome 5.0.375.125 $BEP>l!#(B5 $B7o$N7g4Y$,=$@5$5$l$F$$$k!#(B High x 3$B!"(BMedium x 1$B!"(BLow x 1$B!#(B

$B"#(B Apache HTTP Server (httpd) 2.2.16 Released
(apache.org, 2010.07.26)

$B!!(BApache 2.2.16 $BEP>l!#(B2 $B7o$N7g4Y$,=$@5$5$l$F$$$k!#HSED$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B!!(BApache httpd 2.2 vulnerabilities $B$K>\:Y>pJs$H8DJL$N(B patch $B$,MQ0U$5$l$F$$$k!#(B

$B"#(B 2010.07.27

$B"#(B 2010.07.26

$B"#(B $BDI5-(B

Firefox 3.6.7 / 3.5.11$B!"(BThunderbird 3.1.1 / 3.0.6$B!"(BSeamonkey 2.0.6 $BEP>l(B

$B!!(BFirefox$B$N(BWeb Workers$B$K$*$1$k@H ($B%M%C%H%(!<%8%'%s%H(B blog, 2010.07.23)$B!#(BMFSA 2010-42 $B$N2r@b!#$O$;$,$o$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B!!$H8@$C$F$k4V$K(B Firefox 3.6.8 $B$,$5$C$=$/EP>l!#(BMFSA 2010-48: $B%W%i%0%$%s0z?tG[NsLdBj$N=$@5$K$h$k%@%s%0%j%s%0%]%$%s%?%/%i%C%7%e$N%j%0%l%C%7%g%s(B $B$,=$@5$5$l$F$$$k!#(BCVE-2010-2755$B!#HSED$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B Firefox 3.6.7 $B$G%(%s%P%0$7$?$N$@$=$&$G!#(B Firefox 3.5.11 $B$bF1$8$h$&$K%(%s%P%0$7$F$$$k$,!"96N,2DG=$G$O$J$$$?$a!"(B $BJ|CV$5$l$F$$$kLOMM!#(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) Windows $B%7%'%k$N@H

$B!!(BMicrosoft Fixit $B$NI{:nMQ$N7o$D$E$-!#(B Fixit $BE,MQD>8e$O!"%G%9%/%H%C%W$N%7%g!<%H%+%C%H$O85$N$^$^$J$N$G$9$,!"(B Fixit $BE,MQ8e$K!"%G%9%/%H%C%W$K%7%g!<%H%+%C%H$r@_CV$9$k$h$&$J%"%W%j%1!<%7%g%s$r%$%s%9%H!<%k$9$k$H!"$=$N;~E@$G%G%9%/%H%C%W>e$N%7%g!<%H%+%C%H$b$^$CGr$K$J$C$A$c$&$h$&$G$9!#(B

$B!!(BFirefox $B%f!<%6$O!":#F|%j%j!<%9$5$l$F$$$k(B Firefox 3.6.8 $B$K%"%C%W%G!<%H$9$k$H!"$^$CGr$K$J$k$h!#(B

$B"#(B 2010.07.25

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) Windows $B%7%'%k$N@H

$B!!4XO"(B:

$B"#(B 2010.07.24

$B"#(B 2010.07.23

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) Windows $B%7%'%k$N@H

$B!!(BMicrosoft Fixit $B$N(B before / after $B$O$3$s$J46$8(B (Windows Vista):

before after

$B!!A4BN$,8+$?$$?MMQ(B: before$B!"(Bafter

$B!!4XO"(B:

$B"#(B Announcing Coordinated Vulnerability Disclosure
(Microsoft Security Response Center (MSRC) blog, 2010.07.22)

$B!!(B"Responsible Disclosure" $B$+$i(B "Coordinated Vulnerability Disclosure" $B$X!#(B

$B!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!?!1!1!1!1!1!1!1!1!1!1!1!1!1!1!1(B
$B!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!(B|$B!!$A$g!"$A$g!<$H$^$C$F(B!!!$B:#(B MSRC $B$,2?$+8@$C$?$+$i@E$+$K$7$F!*!*(B
$B!!!!!!!!(B , ,-;:;:;:;:;:;:;:;:;:;:;:;:;:;:;:,.$B!!!!!3(!#y(!(!(!(!(!(!(!(!(!(!(!(!(!(!!!!!(B ,-v-$B!"(B
$B!!!!!!!!(B/;:;:;:;:;:;:$B%_%_(B;:;:;:;:;:;:;:;:;:;`(I$$B!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!(B/ _(II(B_(II(B:^)
$B!!!!!!(B /;:;:;:;:$BWD!=!<(B-(I$(B_;:;:;:;:;:;:;:;|$B!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!(B $B!!(B $B!!(B $B!!(B / _(II(B_(II(B_$B%N(B $B!?!K(B
$B!!!!!!(B |;:;:;:$B%N!"!!!!!!!!!!(B`(I$(B;;:;:;:;:;:i$B!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!(B/$B!!(II(B (II$B%N!?!?(B
$B!!!!!!(B |;:/$B!2!3!!(B,,,,,,,,,,$B!!!!(B|;:;:;:;:;:;!$B!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!(B ____/$B!!(B ______$B!!%N(B
$B!!!!!!!!(B| ' (I_(B ''/ $B(#(I!(B-(I$$B!!!!(B|;:;:;:;:/$B!!!!!!!!!!!!!!!!!!!!!!!!!!!!(B $B!!(B $B!!(B $B!!(B _.. r$B!J(B" $B!!(B`(I0(B"$B!!!"(B (II(B
$B!!!!!!!!(B|` $B%N(B($B!!(B $B!3(B $B!!%=!!(B |$B%N(B|/$B!!!!!!!!!!!!!!!!!!!!!!!!!!!!(B _. -$B!>(B '"$B!-!!!!(Bl$B!!(Bl-(I$$B!!(B $B!!!!(I^(B $B%N(B
$B!2(B,-$B!<(B| /$B!2(B` $B!I(B'$B!!!!!@!!(B $B%N!!!!(B __$B!!!!!!!!!!!!(B .$B!!(B-$B!>(B ' "$B!-!!!!!!!!!!!!!!(B l$B!!!3(B`$B!<(B''"(I0(B'"
$B!!(B|$B!!(B:$B!!(B | $B!K!4;0(IF$B!3!!!!(B /$B!3(B ' "$B!-!?!.(I^(B (I0'(B' "$B!-!!!!!>(B'"$B!-!!!!!!!!!!!!!!!!!!!3(I$(B`(I0(B $B!?%N(B
$B!!!3!!!!(B`(I$$B!2!2!2(B,.-$B!<(B'$B!!(B|$B!!!!(B /$B!!!!!!(B/$B!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!(B __.. -'-'"
$B!!!!(B|$B!!!!!!(B |$B!!!@!!!!!!(B/$B!!(B|$B!!!!(B l$B!!!!!!(B/$B!!!!!!!!!!!!!!!!!!!!!!(B .$B!!(B-$B!>(B '"$B!-(B
$B!!!!!@!!!!(B |$B!2(B__$B!d!c!!(B/$B!!!3(B

$B!!4XO"(B:

2010.07.30 $BDI5-(B:

$B!!(B$B!V6(D4E*$J@H ($BF|K\$N%;%-%e%j%F%#%A!<%`(B, 2010.07.28)

$B"#(B 2010.07.22

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) Windows $B%7%'%k$N@H

$B!!2~D{$5$l$?(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) $B$N!"$3$NItJ,$KCmL\$,=8$^$C$F$$$kLOMM!#(B

$B967b $B967b$N%"%W%j%1!<%7%g%s$G!"$3$N%I%i%$%V$r3+$/$H!"0-0U$N$"$k%P%$%J%j$,967be$G
$B967bl9g!"(BWindows $B$O%7%g!<%H%+%C%H(B $B%U%!%$%k$N%"%$%3%s$N%@%&%s%m!<%I$r;n9T$7!"0-

$B!!!VKd$a9~$_%7%g!<%H%+%C%H$^$?$O%[%9%H$5$l$?%V%i%&%6!<(B $B%3%s%H%m!<%k(B (Microsoft Office $B%I%-%e%a%s%H$J$I$G$9$,!"$=$N8B$j$G$O$"$j$^$;$s(B) $B$r%5%]!<%H$9$k%I%-%e%a%s%H!W$G$9$C$F(B?! $B$3$N967b$,(B Office $BJ8=q$J$I$r7PM3$7$F$b9T$o$lF@$kLOMM!#(B

$B!!4XO"(B:

$B!!8D?ME*$K$O!"(BIPA $B$d(B JPCERT/CC $B$,2?$b8@$C$F$J$$$N$,5$$K$J$k$G$9!#(B

$B"#(B 2010.07.21

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) Windows $B%7%'%k$N@H

$B!!(BMicrosoft Fixit $BEP>l$7$^$7$?!#(B

$B!!$"$o$;$F!"(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) $B$b2~D{$5$l$F$$$k!#(B.PIF $B$K$D$$$F$N@bL@$NDI2C$b!#(B

$B!!4XO"(B:

$B"#(B About the security content of iTunes 9.2.1
(Apple, 2010.07.19)

$B!!(BiTunes 9.2.1 $BEP>l!#(BiTunes 9.2 $B$K$O(B itpc: URL $B$N=hM}$K7g4Y$,$"$j!"96N,(B itpc: URL $B$K%"%/%;%9$9$k$HG$0U$N%3!<%I$rCVE-2010-1777

$B"#(B Firefox 3.6.7 / 3.5.11$B!"(BThunderbird 3.1.1 / 3.0.6$B!"(BSeamonkey 2.0.6 $BEP>l(B
(various, 2010.07.20)

$B!!(BFirefox 3.6.7 / 3.5.11$B!"(BThunderbird 3.1.1 / 3.0.6$B!"(BSeamonkey 2.0.6 $BEP>l$G$9!#(B $B=$@59`L\$O0J2<$N$H$*$j!#(B

SA $BHV9f(B $B=EMWEY(B $B35MW(B F 3.6.7 F 3.5.11 T 3.1.1 T 3.0.6 S 2.0.6
MFSA 2010-47$BCf(B$B%(%i!<%a%C%;!<%8$N%9%/%j%W%H%U%!%$%kL>$+$i$N%/%m%9%5%$%H%G!<%?O3$($$(B X X X X X
MFSA 2010-46$BCf(BCSS $B$rMxMQ$7$?%/%m%9%5%$%H%G!<%?O3$($$(B X X X X X
MFSA 2010-45$BCf(B$BJ#?t$N%m%1!<%7%g%s%P!<56AuLdBj(B X X X
MFSA 2010-44$BCf(B8 $B%S%C%H%(%s%3!<%G%#%s%0$K$*$$$F(B U+FFFD $B$K%^%C%W$5$l$?J8;z$,860x$G!"D>8e$NJ8;z$,8+$($J$/$J$k(B X X
MFSA 2010-43$B9b(Bcanvas $B$N%3%s%F%-%9%H$r;HMQ$7$?F10l@8@.850cH?(B X X
MFSA 2010-42$B9b(BWeb $B%o!<%+!<$N(B importScripts $B$rDL$8$?%/%m%9%5%$%H%G!<%?O3$($$(B X X X X X
MFSA 2010-41$B:G9b(B$BIT@5$J(B PNG $B2hA|$r;HMQ$7$?%j%b!<%H%3!<%I X X X X X
MFSA 2010-40$B:G9b(BnsTreeSelection $B$N%@%s%0%j%s%0%]%$%s%?$K$h$k%j%b!<%H%3!<%I X X X X X
MFSA 2010-39$B:G9b(BnsCSSValue::Array $B%$%s%G%C%/%9$N@0?t%*!<%P!<%U%m!<(B X X X X X
MFSA 2010-38$B:G9b(BSJOW $B$H9bB.$J%M%$%F%#%V4X?t$r;HMQ$7$?G$0U$N%3!<%I X X
MFSA 2010-37$B:G9b(B$B%W%i%0%$%s0z?t(B EnsureCachedAttrParamArrays $B$rDL$8$?%j%b!<%H%3!<%I X X X
MFSA 2010-36$B:G9b(BNodeIterator $B$K$*$1$k2rJ|8e;HMQ$NLdBj(B X X X
MFSA 2010-35$B:G9b(BDOM $BB0@-$NJ#@=$K$h$k%j%b!<%H%3!<%I$N X X X
MFSA 2010-34$B:G9b(B$BMM!9$J%a%b%j0BA4@-$NLdBj(B (rv:1.9.2.7/1.9.1.11) X X X X X

$B!!(BYosuke Hasegawa $B$H$$$&L>A0(B$B$b8+$($k$J$"!D!D!#(B

$B!!%j%j!<%9%N!<%H(B:

$B!!9b66$5$s!"(Btvb19131 $B$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

2010.07.26 $BDI5-(B:

$B!!(BFirefox$B$N(BWeb Workers$B$K$*$1$k@H ($B%M%C%H%(!<%8%'%s%H(B blog, 2010.07.23)$B!#(BMFSA 2010-42 $B$N2r@b!#$O$;$,$o$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B!!$H8@$C$F$k4V$K(B Firefox 3.6.8 $B$,$5$C$=$/EP>l!#(BMFSA 2010-48: $B%W%i%0%$%s0z?tG[NsLdBj$N=$@5$K$h$k%@%s%0%j%s%0%]%$%s%?%/%i%C%7%e$N%j%0%l%C%7%g%s(B $B$,=$@5$5$l$F$$$k!#(BCVE-2010-2755$B!#HSED$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B Firefox 3.6.7 $B$G%(%s%P%0$7$?$N$@$=$&$G!#(B Firefox 3.5.11 $B$bF1$8$h$&$K%(%s%P%0$7$F$$$k$,!"96N,2DG=$G$O$J$$$?$a!"(B $BJ|CV$5$l$F$$$kLOMM!#(B

$B"#(B 2010.07.20

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) Windows $B%7%'%k$N@H

$B!!4XO"(B:

$B!!$3$N>u67$rISC infocon $B$O(B Yellow $B$K$J$C$F$^$9!#(B

$B"#(B 2010.07.19

$B"#(B 2010.07.18

$B"#(B $B$$$m$$$m(B (2010.07.18)
(various)

$B"#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) Windows $B%7%'%k$N@H
(Microsoft, 2010.07.17)

$B!!(BWindows XP / Server 2003 / Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y!#(B Windows Shell $B$K$*$1$k(B .lnk $B%U%!%$%k$N=hM}$K7g4Y$,$"$j!"(B $B96N,(B .lnk $B%U%!%$%k$r4^$`%I%i%$%V$r!"(BWindows Explorer $B$d(B Total Commander $B$J$I$N!V%"%$%3%s$rI=<($9$k!W%U%!%$%k%^%M!<%8%c$G3+$/$H!"G$0U$N%3!<%I$,CVE-2010-2568$B!#(B

$B!!:G=i$KH/I=$5$l$?$N$O!"(B anti-virus.by $B$N(B $B$3$NJ8>O(B

Modules of current malware were first time detected by "VirusBlokAda" company specialists on the 17th of June, 2010 and were added to the anti-virus bases as Trojan-Spy.0485 and Malware-Cryptor.Win32.Inject.gen.2. During the analysis of malware there was revealed that it uses USB storage device for propagation.

You should take into consideration that virus infects Operation System in unusual way through vulnerability in processing lnk-files (without usage of autorun.inf file).

So you just have to open infected USB storage device using Microsoft Explorer or any other file manager which can display icons (for i.e. Total Commander) to infect your Operating System and allow execution of the malware.

$B!!4{$K0-MQ$5$l$F$$$k!#$3$N967b$O!"(BUSB $B%a%b%j$KBP$9$k(B autorun $B$NM-8z!&L58z$OL54X78$J$N$GCm0U!#4{B8$N!V(BUSB $B%a%b%j%&%$%k%9BP:v!W$O0l=V$K$7$FJx2u$7$^$7$?!#$*$a$G$H$&!#(B $B$b$A$m$s!"(BUSB $B%a%b%j$G$J$/$F$b$$$$$o$1$G!#(B

$B!!(BSA 2286198 $B$G$O(B 2 $B

$B!!4XO"(B:

2010.07.20 $BDI5-(B:

$B!!4XO"(B:

$B!!$3$N>u67$rISC infocon $B$O(B Yellow $B$K$J$C$F$^$9!#(B

2010.07.21 $BDI5-(B:

$B!!(BMicrosoft Fixit $BEP>l$7$^$7$?!#(B

$B!!$"$o$;$F!"(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) $B$b2~D{$5$l$F$$$k!#(B.PIF $B$K$D$$$F$N@bL@$NDI2C$b!#(B

$B!!4XO"(B:

2010.07.22 $BDI5-(B:

$B!!2~D{$5$l$?(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) $B$N!"$3$NItJ,$KCmL\$,=8$^$C$F$$$kLOMM!#(B

$B967b $B967b$N%"%W%j%1!<%7%g%s$G!"$3$N%I%i%$%V$r3+$/$H!"0-0U$N$"$k%P%$%J%j$,967be$G
$B967bl9g!"(BWindows $B$O%7%g!<%H%+%C%H(B $B%U%!%$%k$N%"%$%3%s$N%@%&%s%m!<%I$r;n9T$7!"0-

$B!!!VKd$a9~$_%7%g!<%H%+%C%H$^$?$O%[%9%H$5$l$?%V%i%&%6!<(B $B%3%s%H%m!<%k(B (Microsoft Office $B%I%-%e%a%s%H$J$I$G$9$,!"$=$N8B$j$G$O$"$j$^$;$s(B) $B$r%5%]!<%H$9$k%I%-%e%a%s%H!W$G$9$C$F(B?! $B$3$N967b$,(B Office $BJ8=q$J$I$r7PM3$7$F$b9T$o$lF@$kLOMM!#(B

$B!!4XO"(B:

$B!!8D?ME*$K$O!"(BIPA $B$d(B JPCERT/CC $B$,2?$b8@$C$F$J$$$N$,5$$K$J$k$G$9!#(B

2010.07.23 $BDI5-(B:

$B!!(BMicrosoft Fixit $B$N(B before / after $B$O$3$s$J46$8(B (Windows Vista):

before after

$B!!A4BN$,8+$?$$?MMQ(B: before$B!"(Bafter

$B!!4XO"(B:

2010.07.25 $BDI5-(B:

$B!!4XO"(B:

2010.07.26 $BDI5-(B:

$B!!(BMicrosoft Fixit $B$NI{:nMQ$N7o$D$E$-!#(B Fixit $BE,MQD>8e$O!"%G%9%/%H%C%W$N%7%g!<%H%+%C%H$O85$N$^$^$J$N$G$9$,!"(B Fixit $BE,MQ8e$K!"%G%9%/%H%C%W$K%7%g!<%H%+%C%H$r@_CV$9$k$h$&$J%"%W%j%1!<%7%g%s$r%$%s%9%H!<%k$9$k$H!"$=$N;~E@$G%G%9%/%H%C%W>e$N%7%g!<%H%+%C%H$b$^$CGr$K$J$C$A$c$&$h$&$G$9!#(B

$B!!(BFirefox $B%f!<%6$O!":#F|%j%j!<%9$5$l$F$$$k(B Firefox 3.6.8 $B$K%"%C%W%G!<%H$9$k$H!"$^$CGr$K$J$k$h!#(B

2010.07.30 $BDI5-(B:

$B!!(BSophos $B$H(B G DATA $B$+$i!"L5=~$NBP:v%D!<%k$,8x3+$5$l$F$$$^$9!#(B

$B!!$"$H!"%^%k%&%'%"$$$m$$$m!#(B

2010.08.01 $BDI5-(B:

$B!!(B2010.08.03 $B$KDjNc30$G(B hotfix $B$,Ds6!$5$l$kM=Dj$G$9(B: Windows $B$N%;%-%e%j%F%#99?7$N;vA0DLCN(B ($BDjNc30(B) ($BF|K\$N%;%-%e%j%F%#%A!<%`(B, 2010.07.30)

2010.08.03 $BDI5-(B:

$B!!=P$^$7$?(B: MS10-046 - $B6[5^(B: Windows $B%7%'%k$N@H (Microsoft, 2010.08.03)$B!#(BExploitability Index: 1

2010.08.10 $BDI5-(B:

$B!!4XO"(B:

2010.08.24 $BDI5-(B:

$B!!4XO"(B:

2010.09.23 $BDI5-(B:

$B!!(BSymantec $B$N(B Stuxnet $B4XO"5-;v(B:

$B"#(B 2010.07.17

$B"#(B 2010.07.16

$B"#(B ($B6[5^(B)BIND 9.7.1/9.7.1-P1$B$K$*$1$k(BRRSIG$B%l%3!<%I=hM}$NIT6q9g$K$D$$$F(B - $B%k!<%H%>!<%s$N%H%i%9%H%"%s%+!<@_Dj$NA0$K!"I,$:(B9.7.1-P2$B$X$N99?7$r(B -
(JPRS, 2010.07.16)

$B!!(B$B%k!<%H%>!<%s$K$*$1$k(BDNSSEC$B$N@5<01?MQ3+;O$KH<$&1F6A$K$D$$$F(B (JPRS, 2010.07.15) $B$K$"$k$h$&$K!"(B

2010$BG/(B7$B7n(B16$BF|$N8aA0(B4$B;~(B30$BJ,$+$i(B8$B;~(B30$BJ,(B($BF|K\I8=`;~$K$*$$$F!#6(Dj@$3&;~$K$*$$$F$O(B7$B7n(B15$BF|$N(B19$B;~(B30$BJ,$+$i(B23$B;~(B30$BJ,(B)$B$K$+$1$F!"%k!<%H%>!<%s$K$*$$$F(BDNSSEC$B$N@5<01?MQ$,3+;O$5$l$^$9!#(B
($BCfN,(B)
$B:#2s$NJQ99$K$h$j!"$3$l$^$G(BDURZ(*1)$B$H$7$F@_Dj$5$l$F$$$?%@%_!<$N=pL>%G!<%?$,!"@5<0$N=pL>%G!<%?$KJQ99$5$l$^$9!#$3$l$K$h$j!"(BIANA$B$,8x3+$9$k%k!<%H%>!<%s$N%H%i%9%H%"%s%+!<(B($B8x3+80(B)$B$r%-%c%C%7%e(BDNS$B%5!<%P$K@_Dj$9$k$3$H$G!"%k!<%H%>!<%s$N(BDNSSEC$B8!>Z$rM-8z$K$G$-$k$h$&$K$J$j$^$9!#(B

$B$N$G$9$,!"(BBIND 9.7.1/9.7.1-P1 $B$J%-%c%C%7%e(B DNS $B%5!<%P$G$3$l$r@_Dj$9$k$H!"(Bremote $B$+$i(B DoS $B967b$r

$B:#2sJs9p$5$l$?IT6q9g$O!"(BBIND 9.7.1$B5Z$S(B9.7.1-P1$B$K$*$$$F(Bnamed$B$r%-%c%C%7%e(BDNS$B%5!<%P$H$7$FF0:n$5$;!"$+$D%H%i%9%H%"%s%+!<$r@_Dj$7$F(BDNSSEC$B$K$h$kL>A08!>Z5!G=$rM-8z$K$7$?>l9g!"$=$N%H%i%9%H%"%s%+!<$+$i$N?.Mj$NO":?$,9=C[$5$l$?!"$9$J$o$A(BDNSSEC$B$,M-8z$K@_Dj$5$l$?G$0U$N%I%a%$%sL>$KBP$9$k(BRRSIG$B%l%3!<%I<+?H$N8!:wMW5a$r(Bnamed$B$,e$NIT6q9g$K$h$jH?I|8!:w$,L58B%k!<%W$N>uBV$K4Y$j!"3:Ev$9$k(BRRSIG$B%l%3!<%I$rJ];}$7$F$$$k8"0R(BDNS$B%5!<%P$KBP$9$k(BRRSIG$B%l%3!<%I$N8!:wMW5a$,H/?.$5$lB3$1$k!"$H$$$&$b$N$G$9!#(B

$B!!(BBIND 9.7.1-P2 $B$G=$@5$5$l$F$$$k!#(B

$B"#(B 2010.07.15

$B"#(B Microsoft 2010 $BG/(B 7 $B7n$N%;%-%e%j%F%#>pJs(B
(Microsoft, 2010.07.14)

$B!!M=Dj$I$*$j=P$^$7$?!#(B

MS10-042 - $B6[5^(B: $B%X%k%W$H%5%]!<%H(B $B%;%s%?!<$N@H (Microsoft)

$B!!(BWindows XP / Server 2003 $B$K7g4Y!#(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2219475) Windows $B$N%X%k%W$H%5%]!<%H(B $B%;%s%?!<$N@H $B$N7o!#(B CVE-2010-1885

$B!!4XO"(B:

$B!!(BExploitability Index: 1

MS10-043 - $B6[5^(B: Canonical Display Driver $B$N@H

$B!!(BWindows 7 / Server 2008 R2 $B$K7g4Y!#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2028859) Canonical Display Driver $B$N@H $B$N7o!#(B CVE-2009-3678

$B!!(BExploitability Index: 2

MS10-044 - $B6[5^(B: Microsoft Office Access $B$N(B ActiveX $B%3%s%H%m!<%k$N@H

$B!!(BAccess 2003 / 2007 $B$K(B 2 $B$D$N7g4Y!#(B

MS10-045 - $B=EMW(B: Microsoft Office Outlook $B$N@H

$B!!(BOutlook 2002 / 2003 / 2007 $B$K7g4Y!#(B $BFCDj$N(B MAPI $BE:IU%W%m%Q%F%#(B (PR_ATTACH_METHOD) $B$,;XDj$5$l$?96N,(B TNEF $B%9%H%j!<%`$rDL$8$F!";XDj$5$l$?%Q%9L>$N%U%!%$%k$,CVE-2010-0266$B!#(B $B4XO"(B:

$B!!(BExploitability Index: 1

$B!!$J$*!"(Bpatch $B$rE,MQ$9$k$H!"FCDj$N(B MAPI $BE:IU%W%m%Q%F%#$,;XDj$5$l$F$$$?>l9g$KL58z2=$5$l$k$H$$$&I{:nMQ$,H/@8$9$k!#(B

$B!!4XO"(B:

$B"#(B Oracle Critical Patch Update Advisory - July 2010
(Oracle, 2010.07.14)

$B!!=P$^$7$?!#(BWebLogic $B$d(B Solaris $B$d(B OpenSSO $B$N$b$"$j$^$9!#(B

$B"#(B T-393: iSCSI Enterprise Target Multiple Implementations iSNS Message Stack Buffer Overflow Vulnerability
(DOE-CIRC, 2010.07.08)

$B!!J#?t$N(B iSCSI $B%?!<%2%C%H(B (iSCSI $B$G;H$o$l$kAuCVB&(B) $BCVE-2010-2221$B!#(B $B$3$3$G7g4Y$"$j$H$5$l$F$$$k$N$O!"(B

iSCSI Enterprise Target 1.4.20.1 and prior
Generic SCSI Target Subsystem for Linux 1.0.1.1 and prior
Linux SCSI target framework 1.0 and prior

$B!!(BiSCSI Enterprise Target $B$O!"3+H/HG$G$O4{$K=$@5$5$l$F$$$k$_$?$$(B (patch)$B!#(B Generic SCSI Target Subsystem for Linux $B$b3+H/HG$G$OD>$C$F$k$_$?$$(B ($B$3$N$X$s(B)$B!#(B Linux SCSI target framework (tgt) $B$O!"(B1.0.6 $B$G=$@5$5$l$?LOMM!#(B

$B"#(B $B%"%I%*%s$N%;%-%e%j%F%#@H
(Mozilla Japan $B%V%m%0(B, 2010.07.14)

$B!!%"%I%*%s$K4X$9$k(B 2 $BBj!#(B

$B"#(B 2010.07.14

$B"#(B $B$$$m$$$m(B (2010.07.14)
(various)

$B"#(B 2010.07.13

$B"#(B 2010.07.12

$B"#(B 2010.07.09

$B"#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#>pJs$N;vA0DLCN(B - 2010 $BG/(B 7 $B7n(B
(Microsoft, 2010.07.09)

$B!!(B4 $B7o!#(BWindows x 2$B!"(BOffice x 2 (Access x 1, Outlook x 1)$B!#(B 2010$BG/(B7$B7n(B14$BF|$N%;%-%e%j%F%#%j%j!<%9M=Dj(B ($B7nNc(B) ($BF|K\$N%;%-%e%j%F%#%A!<%`(B, 2010.07.09) $B$K$h$k$H!"(B

$B$N=$@5$,F~$k$=$&$J$N$G!"(B Windows x 2 $B$,$=$l$G$7$g$&!#(B

$B"#(B 2010.07.08

$B"#(B 2010.07.07

$B"#(B 2010.07.06

$B"#(B 2010.07.05

$B"#(B Google Chrome 5.0.375.99 has been released
(Google Chrome release blog, 2010.07.02)

$B!!(BGoogle Chrome 5.0.375.99 $BEP>l!#(B8 $B7o$N7g4Y$,=$@5$5$l$?$H$9$Y$-$J$N$+!"$=$l$H$b(B 9 $B7o$J$N$+!#(B

$B"#(B 2010.07.04

$B"#(B 2010.07.03

$B"#(B 2010.07.02

$B"#(B $BDI5-(B

Adobe Reader and Acrobat 9.3.3 and 8.2.3

$B!!\:Y(B:

Authorization Bypass When Executing An Embedded Executable.

$B!!(BAdobe Reader / Acrobat 9.3.3 / 8.2.3 $B$K$O!"(B/Launch /Action $B$N7o$KBP$9$kBP1~$,4^$^$l$F$$$k!#(B

  • $B56Au%a%C%;!<%8$NM^;_(B

  • $B%3%^%s%I

$B!!$7$+$7\:Y(B:

Opera 10.60 for Windows changelog

$B!!(BOpera 10.60 $B$K$O!V(BAVG $B$N(B Web Threat Data Feed $B!W(B $B$H$$$&5!G=$,DI2C$5$l$F$$$k$N$@$=$&$G!#(B

Microsoft 2010 $BG/(B 6 $B7n$N%;%-%e%j%F%#>pJs(B

$B!!(B$B%^%$%/%m%=%U%H&IJ$X$N1F6A$K$D$$$F(B ($BIY;N%<%m%C%/%9(B, 2010.07.02)$B!#(BApeosWare $BJ}LL$GIT6q9g$,=P$kLOMM!#(B $B2sHr%D!<%k$,8x3+$5$l$F$$$k!#(B

$BK\8=>]$r2sHr$9$k$?$a$N%D!<%k$rDs6!$$$?$7$^$9!#(B
$BBP>]>&IJ$N$4;HMQ;~$KK\%D!<%k$r&IJ$,@5>o$K5/F0$G$-$k$h$&$K$J$j$^$9(B($BL58z2=$5$l$?5!G=$r0l;~E*$KM-8z$K$7$^$9(B)$B!#(B
$B%D!<%k$O>&IJ$4;HMQ$NETEY!"Kh2s $B$J$*!"K\%D!<%k$O!"%^%$%/%m%=%U%HpJs$r$b$H$K:n@.$7$F$$$^$9!#(B

$B"#(B 2010.07.01

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2219475) Windows $B$N%X%k%W$H%5%]!<%H(B $B%;%s%?!<$N@H

$B!!(BAttacks on the Windows Help and Support Center Vulnerability (CVE-2010-1885) (Microsoft Malware Protection Center, 2010.06.30)

APSB10-15: Security updates available for Adobe Reader and Acrobat

$B!!(BAdobe, Make My Day Too$B!D(B. (ESET Threat Blog, 2010.06.30)$B!#(BJavaScript $B$rL58z$K$7$?4D6-$G99?7$9$k$H!":F$S(B JavaScript $B$,M-8z$K$J$C$F$7$^$&(B ($B$H$$$&$+!"%G%U%)%k%H$KLa$k(B) $BLOMM!#Cm0U$7$^$;$&!#(B

Opera 10.54 for Windows changelog

$B!!(B10.54 $B$G$N=$@59`L\$,8x3+$5$l$?!#!V(B4 $B$D$N>\:YL$8x3+$N7g4Y!W$O$3$&$$$&FbMF$@$C$?!#(B

  • Fixed an issue where Data URIs could be used to allow cross-site scripting; see our advisory (http://www.opera.com/support/search/view/955/).
  • Fixed an issue where unrestricted File I/O could be used by Widgets to execute arbitrary code; see our advisory (http://www.opera.com/support/search/view/962/).
  • Fixed an issue which could allow certain characters to be used for domain name spoofing; see our advisory (http://www.opera.com/support/search/view/961/).
  • Fixed an issue where file inputs could disclose the path to selected files; see our advisory (http://www.opera.com/support/search/view/960/).

libpng 1.4.3 / 1.2.44 $B%j%j!<%9(B

$B!!(BCVE-2010-2249 $B$b$"$k$=$&$G!#$3$A$i$O(B DoS $B$NLOMM!#(B

$B"#(B Opera 10.60 for Windows changelog
(Opera.com, 2010.07.01)

$B!!(BOpera 10.60 $BEP>l!#$h$&$d$/(B Windows / Mac / Unix $BHG$,=PB7$C$?!#(B $B?75,$N=$@5$O(B 2 $B7o!#(B

  • Fixed an issue where double-clicking a link can unexpectedly run a program from the Internet; see our advisory (http://www.opera.com/support/search/view/957/).
  • Fixed an issue which could be used to trick users into uploading unexpected files, as reported by Andrew Valums; see our advisory (http://www.opera.com/support/search/view/958/).

$B!!(BUnix $BHG$K$D$$$F$O!"(BWindows / Mac $BHG$G$O(B 10.54 $B0JA0$K=$@5$5$l$F$$$?8D=j$b$O$8$a$F=$@5$5$l$F$$$k!#(B

2010.07.02 $BDI5-(B:

$B!!(BOpera 10.60 $B$K$O!V(BAVG $B$N(B Web Threat Data Feed $B!W(B $B$H$$$&5!G=$,DI2C$5$l$F$$$k$N$@$=$&$G!#(B

$B"#(B VAIO$B%Q!<%=%J%k%3%s%T%e!<%?!<(B F$B%7%j!<%:!"(BC$B%7%j!<%:!!(B $BH/G.KI;_:G?7(BBIOS$B$X$N%"%C%W%G!<%H$N$*4j$$$H$*OM$S(B
(SONY, 2010.06.30)

$B!!(BVAIO F $B%7%j!<%:(B / C $B%7%j!<%:$K$*$1$k29EY4IM}5!G=$KIT6q9g$,$"$j!"(B $B!V2a>j$KH/G.!W$7!V30Au$,JQ7A!W$9$k2DG=@-$,$"$k$=$&$G!#(B

$B!!(BBIOS $B%"%C%W%G!<%H$K$h$jBP1~$5$l$k!#(BVAIO Update $B$"$k$$$O

[$B%;%-%e%j%F%#%[!<%k(B memo]
[$B;d$K$D$$$F(B]