$B%;%-%e%j%F%#%[!<%k(B memo - 2010.08

Last modified: Mon Jan 24 18:54:18 2011 +0900 (JST)

$B!!$3$N%Z!<%8$N>pJs$rMxMQ$5$l$kA0$K!"(B$BCm0U=q$-(B$B$r$*FI$_$/$@$5$$!#(B

$B"#(B 2010.08.31

$B"#(B 2010.08.30

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2269637) $B0BA4$G$J$$%i%$%V%i%j$N%m!<%I$K$h$j!"%j%b!<%H$G%3!<%I$,

$B!!=$@5$5$l$?%"%W%j$NNc(B:

$B!!4XO"(B:

ZDI-10-165: Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Vulnerability

$B!!@>;3$5$s$+$i(B ($B>pJs$"$j$,$H$&$4$6$$$^$9(B)

> $B%&%$%k%9%P%9%?!<(B 2010 $B$K$O(B UfPBCtrl.dll $B$O4^$^$l$F$$$k$N$+$J!#(B

$B$K4X$7$F!"<+Bp$N%&%$%k%9%P%9%?!<(B2010$B$K!"$3$N%U%!%$%kL>$N%U%!%$%k$O$"$j$^$7$?!#(B

UfPBCtrl.dll
C:\Program Files\Trend Micro\Virus Buster
17.50.0.1647

$B!!(B$B$^$C$A$c$5$s$K$h$k2r@b(B$B$b;2>H!#(B

$B@He$2$?$i(BOK$B$C$F$3$H$G$9$+$M!#(B

$B"#(B 2010.08.29

$B"#(B 2010.08.28

$B"#(B 2010.08.27

$B"#(B $B$$$m$$$m(B (2010.08.27)
(various)

$B"#(B $B%5%$%\%&%:(B Office $B$J$I$KJ#?t$N7g4Y(B
($B%5%$%\%&%:(B, 2010.08.16)

$B!!F?L>4uK>$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B!!$3$N%;%-%e%j%F%#>pJs!"EPO?%f!<%6!<$K$b9pCN$5$l$F$$$J$$$N$@$=$&$G!#(B $B>e5-%Z!<%8$r8+$k$H!"0l8+(B RSS $B$G%;%-%e%j%F%#>pJs$r$B$B$K$O!"$=$s$J$b$N$O$I$3$K$b4^$^$l$F$$$J$$LOMM!#(B $B%;%-%e%j%F%#>pJs(B$B$r$3$^$a$KGA$/$7$+$J$$$N$+$J!#(B

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2269637) $B0BA4$G$J$$%i%$%V%i%j$N%m!<%I$K$h$j!"%j%b!<%H$G%3!<%I$,

$B!!4XO"(B:

$B"#(B ZDI-10-165: Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Vulnerability
(Zero Day Initiative, 2010.08.26)

$B!!(BTrend Micro Internet Security Pro 2010 $B$K7g4Y!#(BUfPBCtrl.dll ActiveX $B%3%s%H%m!<%k$K7g4Y$,$"$j!"96N,(B Web $B%Z!<%8$r3+$/$HG$0U$N%3!<%I$,CVE-2010-3189

$B!!(Bhot fix $B$,8x3+$5$l$F$$$k(B: [Hot Fix] UfPBCtrl.dll is vulnerable to remote attackers (trendmicro, 2010.08.22)

$B!!$3$l$C$F!"F|K\$G8@$&$H$3$m$N%&%$%k%9%P%9%?!<(B 2010 $B$J$s$G$9$+$M(B? Key Features of Trend Micro Internet Security $B$H(B Key Features of Trend Micro Internet Security Pro $B$r8+Hf$Y$k$H!"(BSystem Tuner $B$,$"$k$N$O(B Pro $B$@$1$@$J$"!#(B $B%&%$%k%9%P%9%?!<(B 2010 $B5!G=0lMw(B$B$K$O%7%9%F%`%A%e!<%J!<$,$"$k$N$G!"4pK\$O(B Pro $B$C$F$3$H$G$$$$$N$+$J!#(B $B$G$b!"(BOnline Backup $B$H$+!"%&%$%k%9%P%9%?!<(B 2010 $B$K$O$J$$5!G=$b$"$k$s$@$h$J!#(B $B%&%$%k%9%P%9%?!<(B 2010 $B$K$O(B UfPBCtrl.dll $B$O4^$^$l$F$$$k$N$+$J!#(B $B;H$C$F$J$$$+$i$o$+$i$J$$!#(B

2010.08.30 $BDI5-(B:

$B!!@>;3$5$s$+$i(B ($B>pJs$"$j$,$H$&$4$6$$$^$9(B)

> $B%&%$%k%9%P%9%?!<(B 2010 $B$K$O(B UfPBCtrl.dll $B$O4^$^$l$F$$$k$N$+$J!#(B

$B$K4X$7$F!"<+Bp$N%&%$%k%9%P%9%?!<(B2010$B$K!"$3$N%U%!%$%kL>$N%U%!%$%k$O$"$j$^$7$?!#(B

UfPBCtrl.dll
C:\Program Files\Trend Micro\Virus Buster
17.50.0.1647

$B!!(B$B$^$C$A$c$5$s$K$h$k2r@b(B$B$b;2>H!#(B

$B@He$2$?$i(BOK$B$C$F$3$H$G$9$+$M!#(B

2010.10.13 $BDI5-(B:

$B!!K\F|IU$N%"%C%W%G!<%H$K$h$C$FBP1~$5$l$?$h$&$G$9(B: $B%&%$%k%9%P%9%?!<(B2010$B$KB8:_$9$k@H ($B%H%l%s%I%^%$%/%m(B, 2010.10.13)$B!"(B $B%&%$%k%9%P%9%?!<(B2010$B$KB8:_$9$k@H (memo, 2010.10.13)$B!#(B

$B"#(B 2010.08.26

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2269637) $B0BA4$G$J$$%i%$%V%i%j$N%m!<%I$K$h$j!"%j%b!<%H$G%3!<%I$,

$B!!4XO"(B:

$B"#(B 2010.08.25

$B"#(B $B$$$m$$$m(B (2010.08.25)
(various)

$B"#(B About Security Update 2010-005
(Apple, 2010.08.24)

$B!!(BMac OS X 10.5.8 / 10.6.4 $BMQ%;%-%e%j%F%#%"%C%W%G!<%H!#(B13 $B

$B"#(B APSB10-20: Security update available for Shockwave Player
(Adobe, 2010.08.24)

$B!!(BShockwave Player 11.5.7.609 $B0JA0$K(B 20 $B7$/$b$N(B x 11$B!"(BDoS x 1)$B!#(B Shockwave Player 11.5.8.612 $B$G=$@5$5$l$F$$$k!#(B

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2269637) $B0BA4$G$J$$%i%$%V%i%j$N%m!<%I$K$h$j!"%j%b!<%H$G%3!<%I$,

$B!!4XO"(B:

$B"#(B 2010.08.24

$B"#(B Winny $B$K?7$?$J(B 4 $B$D$N7g4Y(B
(JVN, 2010.08.20)

$B!!$@$=$&$G$9!#(B

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) Windows $B%7%'%k$N@H

$B!!4XO"(B:

APSB10-07: Security Advisory for Adobe Reader and Acrobat

$B!!(BAnatomy of a PDF Exploit (provos.org, 2010.08.19)$B!#(B CVE-2010-0188 exploit $B$N2r@b!#(B

Authorization Bypass When Executing An Embedded Executable.

$B!!(BAPSB10-17: Security Advisory for Adobe Reader and Acrobat (adobe) $B$,=P$F$$$^$9!#$3$l$K$O(B CVE-2010-1240 $B$N=$@5$,4^$^$l$F$$$k$=$&$J$N$G!"$b$7$+$7$?$i!">e5-$N!X!V%3%^%s%I

APSB10-17: Security Advisory for Adobe Reader and Acrobat

$B!!(BAPSB10-17 $B$,:FEY2~D{$5$l$F$^$9!#(B $BM=Dj$I$*$j(B 2010.08.20 $B$K=P$^$7$?!#(BCVE-2010-2862 $B$NB>$K$b!"(B CVE-2010-1240 $B$,=$@5$5$l$F$$$k!#(B/Launch /Action $B$N7o!"7Y9p2hLL$NI=5-$N:>>N$KBP$9$k!"$5$i$J$kBP1~$NLOMM!#(B

$B"#(B 8 $B7n(B 4 $BF|0J9_!"(BMicrosoft Update $B$,7c=E$K(B?
(various)

$B!!(B8 $B7n(B 4 $BF|0J9_!"(BMicrosoft Update $B$rA*Br$7$F$$$k$H(B wuauclt.exe $B$H(B svchost.exe $B$,BgNL$N%a%b%j$r>CHq$7$F$7$^$&$H$$$&;vNc$,3FCO$GH/@8$7$F$$$kLOMM!#(B $BFC$K!"(BWindows XP + 512 MB $B%a%b%j$H$$$C$?!"Dc%9%Z%C%/%^%7%s$K$*$$$F?<9o$J;vBV$H$J$kLOMM!#;0Bp$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#(B (typo fixed: 572 $B$5$s46

$B!!(BMicrosoft Update $B$G$O$J$/(B Windows Update $B$rA*Br$9$k$3$H$G2sHr$G$-$F$$$kLOMM!#(B from http://hibari.2ch.net/test/read.cgi/win/1249441008/539

$B$^$"!"0lHV$NLdBj$O;HMQNL$J$N$O3N$+(B
$B%9%/%7%g$+$i$bJ,$k$H;W$&$1$I!":GBg(B810MB$B$^$G9T$C$F$k(B
Windows Update$B$K@Z$jBX$($k$H:GBgCM$O(B260MB$B$^$G$7$+9T$+$J$+$C$?(B

$B!!$"$H!"(BWindows Update / Microsoft Update $BJ}LL$G$O!"%"%s%A%&%$%k%9%=%U%H$,B-0z$C$Q$j$J$3$H$b$"$k$N$GCm0U!#(B Virus scanning recommendations for Enterprise computers that are running currently supported versions of Windows (Microsoft KB 822158) $B$K$"$k=|30@_Dj$O!"Dc%9%Z%C%/%^%7%s$J$iFC$K!"

2010.09.10 $BDI5-(B:

$B!!$h$&$d$/!"(BMicrosoft $BB&$G2?$i$+$NBP1~$,$J$5$l$?LOMM$G$9!#(B [XP] wuauclt.exe$B$H(Bsvchost.exe$B$,=E$$!&!&!&!&(B (Microsoft answers) $B$N(B harusora $B$5$s$NEj9F(B:

$B:rF|(BMS$B$NM-=~%5%]!<%H$+$iO"Mm$,M-$j!"8=:_$O(BMicrosoftUpdate$B$G99?7$N8!:w$r$+$1$k$@$1$G>I>u$O2r>C$9$k$H$N;v$G$9!#(B
$BFCJL2?$+$r%$%s%9%H!<%k$9$kI,MW$O$"$j$^$;$s!#(B
$BJ@$j$^$7$?!#(B

$B!!(BWindows$B!&(BMicrosoft Update$B$,CY$$!&=E$$(B (2ch.net) $B$G$b!"(B732 $B0J9_(B$B$KF1MM$N=q$-9~$_$,8+$i$l$k!#(B

$B"#(B VideoLAN Security Advisory 1004: Insufficient input validation in VLC TagLib plugin
(VideoLAN.org, 2010.08.18)

$B!!(BVLC Media Player 0.9.0 $B!A(B 1.1.2 $B$K7g4Y!#(BID3v2 $B%?%0$N07$$$K7g4Y$,$"$j!"96N,%a%G%#%"%U%!%$%k$K$h$C$F(B VLC Media Player $B$,%/%i%C%7%e$9$k!#G$0U$N%3!<%I$NCVE-2010-2937

$B!!(BVLC Media Player 1.1.3 $B$G=$@5$5$l$F$$$k!#(BWindows / Mac $BMQ%P%$%J%j$b8x3+$5$l$F$$$k!#$^$?(B VLC Media Player 1.0.6 / 1.1.x $BMQ$N(B patch $B$,8x3+$5$l$F$$$k!#(B

$B"#(B Google Chrome Stable Channel Update
(Google Chrome Release blog, 2010.08.19)

$B!!=54)(B Google Chrome, 5.0.375.127 $BEP>l!#(B9 $B7o$N7g4Y$,=$@5$5$l$F$$$k!#(B $BFb(B 8 $B7o$K>^6b$,$D$$$F$$$k!#(B

$B"#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2269637) $B0BA4$G$J$$%i%$%V%i%j$N%m!<%I$K$h$j!"%j%b!<%H$G%3!<%I$,
(Microsoft, 2010.08.24)

$B!!30It%i%$%V%i%j$r%m!<%I$9$k:]$K!"E,@Z$K%W%m%0%i%_%s%0$7$J$$$H!"(B $B0U?^$7$J$$>l=j$K$"$k(B DLL $B$r%m!<%I$7$F$7$^$&$3$H$,$"$kOC!#(B $B:#2s$O!"%U%!%$%k6&M-$rDL$8$F96N,(B DLL $B$,%m!<%I$5$l$F$7$^$&2DG=@-$,7|G0$5$l$F$$$kLOMM!#(B $B$3$l$N7o(B:

$B!!(BDynamic-Link Library Security (MSDN) $B$K!"2?$,5/$3$k$+!"$*$h$SBP=hJ}K!$,5-:\$5$l$F$$$k!#$$$$$+$2$s!"%+%l%s%H%G%#%l%/%H%j$O$d$a$h$&!D!D!#(B

$B!!4XO"(B:

2010.08.25 $BDI5-(B:

$B!!4XO"(B:

2010.08.26 $BDI5-(B:

$B!!4XO"(B:

2010.08.27 $BDI5-(B:

$B!!4XO"(B:

2010.08.30 $BDI5-(B:

$B!!=$@5$5$l$?%"%W%j$NNc(B:

$B!!4XO"(B:

2010.09.01 $BDI5-(B:

$B!!4XO"(B:

2010.09.10 $BDI5-(B:

$B!!=$@5$5$l$?%"%W%j(B:

$B!!2r@b5-;v(B:

2010.10.12 $BDI5-(B:

$B!!=$@5$5$l$?%"%W%j(B:

2010.11.29 $BDI5-(B:

$B!!(Biceiv+putty (ice.hotmint.com, 2010.08.28)$B!#(B PuTTY svn 8965 + PuTTY 0.60 $B$4$C$?pJs$"$j$,$H$&$4$6$$$^$9!#(B

$B!!$A$J$_$K!"(B$BK\2H(B PuTTY $B$G$O!"(B2010.09.13 $B$4$m(B$B$KBP1~$5$l$F$$$k$h$&$G$9!#:G?7$N(B svn $BHG%=!<%9!"$*$h$S(B $B%@%&%s%m!<%I%Z!<%8(B$B$K$"$k:G?7$N(B development snapshot $B$G$OD>$C$F$$$kLOMM$G$9!#(B

2011.01.24 $BDI5-(B:

$B!!(B$B!V(BDLL $B%W%j%m!<%ILdBj$NBP:v%,%$%@%s%9!W8x3+!*(B ($BF|K\$N%;%-%e%j%F%#%A!<%`(B, 2011.01.19)

$B"#(B 2010.08.23

$B"#(B 2010.08.20

$B"#(B Ruby 1.9.2$B%j%j!<%9$H(BWEBrick$B@H
($B@>HxBYOB$N$O$F$J%@%$%"%j!<(B, 2010.08.19)

$B!!KhEY$*$5$o$,$;4k6H(B Apple $B$G$9$+!D!D!#(B

$B"#(B 2010.08.19

$B"#(B $B!ZCm0U4-5/![(Be$B%3%^!<%9%5%$%H$rI8E*$H$7$?%/%l%8%C%H%+!<%I>pJs$d8D?M>pJs$N@`
(LAC, 2010.08.19)

$B!!(BPHP / Linux $BA@$$$N967b$,A}$($F$$$k$N$+$J!#(B $B%M%C%H%9!<%Q!<(B8$BpJs(B1$BK|(B2191$B7o$,N.=P(B $B$H4X78$7$F$$$k$N$+$J$"!#(B

$B"#(B $BDI5-(B

QuickTime 7.6.6 / iTunes 9.1 $B8x3+(B

$B!!4XO"(B: ASPR #2010-08-18-1: Remote Binary Planting in Apple iTunes for Windows (acrossecurity.com, 2010.08.18)$B!#(BCVE-2010-1795 $B$N7o!#(B

$B"#(B 2010.08.18

$B"#(B $B8&5fZHV9f$r(B68$B!s2rFI(B
(CNET, 2010.08.18)

$B!!Ez$($O$=$3$K$"$kLOMM!#(B

$B"#(B $B$$$m$$$m(B (2010.08.18)
(various)

$B"#(B $BDI5-(B

$B!V(BJailbreakMe 2.0$B!W$,(BPDF$B%(%/%9%W%m%$%H$r;HMQ(B

$B!!(BiOS 4.0.2 / 3.2.2 $B$G=$@5$5$l$?7g4Y(B:

$B!!(BFreeType $B$NJ}$O(B iOS $B$K$H$I$^$i$J$$(B:

$B!!4XO"(B:

APSB10-17: Security Advisory for Adobe Reader and Acrobat

$B!!(BAPSB10-17 $B$,2~D{$5$l$?!#(B

Adobe expects to make these updates available on Thursday August 19, 2010.

$B!!JF9qF|IU$G$7$g$&$+$i!"F|K\;~4V$G$O(B 2010.08.20 $B$+$J!#(B

$B"#(B 2010.08.17

$B"#(B Opera 10.61 released
(Opera.com, 2010.08.12)

$B!!(BOpera 10.61 $BEP>l!#(B Changelog $B$K$h$k$H!"(B3 $B7o$N%;%-%e%j%F%#99?7$,4^$^$l$F$$$kLOMM$G$9!#(B

$B"#(B Google Chrome Stable Channel Update
(Google Chrome Release blog, 2010.08.11)

$B!!(BGoogle Chrome 5.0.375.126 $BEP>l!#(B

This version contains an updated version of the Flash plugin.

$B!!(BAPSB10-16: Security update available for Adobe Flash Player $B$K$"$o$;$F$N99?7!"$H$$$&$3$H$+$J!#(B

$B"#(B APSB10-18: Security update: Hotfix available for ColdFusion
(Adobe, 2010.08.10)

$B!!(BColdFusion 8.0 / 8.0.1 / 9.0 / 9.0.1 $B$*$h$S$=$l$i0JA0$K!"%G%#%l%/%H%j%H%i%P!<%5%k$r5v$97g4Y!#(B $B=$@5%W%m%0%i%`$,MQ0U$5$l$F$$$k!#(B CVE-2010-2861

$B!!4XO"(B: ColdFusion directory traversal FAQ (CVE-2010-2861) (gnucitizen.org, 2010.08.13)

$B"#(B 2010.08.13

$B"#(B About the security content of QuickTime 7.6.7
(Apple, 2010.08.13)

$B!!(BQuickTime 7.6.7 $BEP>l!#(BWindows $BHG$K$N$_B8:_$9$k!"(B $B96N,%`!<%S!<%U%!%$%k$K$h$C$FG$0U$N%3!<%I$,CVE-2010-1799

$B"#(B 2010.08.12

$B"#(B $BDI5-(B

$B!V(BJailbreakMe 2.0$B!W$,(BPDF$B%(%/%9%W%m%$%H$r;HMQ(B

$B!!(BiOS $B=$@5HG=P$^$7$?!#(B

$B"#(B Microsoft 2010 $BG/(B 8 $B7n$N%;%-%e%j%F%#>pJs(B
(Microsoft, 2010.08.11)

$B!!M=Dj$I$*$j=P$^$7$?!#(B($B$"$H$GDI5-$9$kM=Dj(B)

2010.09.05 $BDI5-(B:

$B!!$$$^$4$mDI5-!#(B

MS10-047 - $B=EMW(B: Windows $B%+!<%M%k$N@H:3J$5$l$k(B (981852)

$B!!(BWindows XP 32bit / Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y!#(B Windows $B%+!<%M%k$K(B 3 $B$D$N7g4Y$,$"$j!"(Blocal user $B$K$h$k8"8B>e>:$d(B DoS $B967b$,2DG=!#(B Windows XP 64bit / Server 2003 $B$K$O$3$N7g4Y$O$J$$!#(B

  • Windows $B%+!<%M%k$N%G!<%?=i4|2=$N@HCVE-2010-1888

    Windows XP 32bit $B$K7g4Y$,$"$j!"(Blocal user $B$K$h$k8"8B>e>:$,2DG=!#(B Exploitability Index: 1

  • $B%+!<%M%k$N%@%V%k(B $B%U%j!<$N@HCVE-2010-1889

    Windows Vista / Server 2008 $B$K7g4Y$,$"$j!"(Blocal user $B$K$h$k8"8B>e>:$,2DG=!#(B Exploitability Index: 2

  • Windows $B%+!<%M%k(B $B$NITE,@Z$J8!>Z$N@HCVE-2010-1890

    Windows Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y$,$"$j!"(B local user $B$K$h$k(B DoS $B967b$,2DG=!#(B Exploitability Index: N/A

MS10-048 - $B=EMW(B: Windows $B%+!<%M%k%b!<%I(B $B%I%i%$%P!<$N@H:3J$5$l$k(B (2160329)

$B!!(BWindows XP / Server 2003 / Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y!#(BWindows $B%+!<%M%k%b!<%I%I%i%$%P$K(B 5 $B$D$N7g4Y$,$"$j!"(Blocal user $B$K$h$k8"8B>e>:$d(B DoS $B967b$,2DG=!#(B

  • Win32k $B$N6-3&%A%'%C%/$N@HCVE-2010-1887

    Windows XP / Server 2003 / Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y$,$"$j!"(Blocal user $B$K$h$k(B DoS $B967b$,2DG=!#(B Exploitability Index: N/A

  • Win32k $B$NNc30=hM}$N@HCVE-2010-1894

    Windows XP / Server 2003 $B$K7g4Y$,$"$j!"(Blocal user $B$K$h$k8"8B>e>:$,2DG=!#(BExploitability Index: 1

  • Win32k $B$N%W!<%k(B $B%*!<%P!<%U%m!<$N@HCVE-2010-1895

    Windows XP / Server 2003 $B$K7g4Y$,$"$j!"(Blocal user $B$K$h$k8"8B>e>:$,2DG=!#(BExploitability Index: 1

  • Win32k $B$N%f!<%6!Z$N@HCVE-2010-1896

    Windows XP / Server 2003 / Vista / Server 2008 $B$K7g4Y$,$"$j!"(Blocal user $B$K$h$k8"8B>e>:$,2DG=!#(BExploitability Index: 1

  • Win32k $B$N%&%#%s%I%&:n@.$N@HCVE-2010-1897

    Windows XP / Server 2003 / Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y$,$"$j!"(Blocal user $B$K$h$k8"8B>e>:$,2DG=!#(BExploitability Index: 1

$B!!4XO"(B: MS10-048 an explanation of the Defense in Depth fixes (Microsoft Security Research & Defense, 2010.08.10)

MS10-049 - $B6[5^(B: SChannel $B$N@H

$B!!(BWindows XP / Server 2003 / Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y!#(BWindows $B$N(B Secure Channel (SChannel) $B$K(B 2 $B$D$N7g4Y$,$"$j!"$J$j$9$^$7$dG$0U$N%3!<%I$N7$/!#(B

MS10-050 - $B=EMW(B: Windows $B%`!<%S!<(B $B%a!<%+!<$N@H

$B!!(BWindows $B%`!<%S!<%a!<%+!<(B 2.1 / 2.6 / 6.0 $B$K7g4Y!#(B $B%W%m%8%'%/%H%U%!%$%k$N=hM}$K7g4Y$,$"$j!"(B $B96N,%W%m%8%'%/%H%U%!%$%k(B (.MSWMM $B%U%!%$%k(B) $B$r3+$/$HG$0U$N%3!<%I$,CVE-2010-2564$B!#(B Exploitability Index: 1

$B!!(BWindows XP / Vista $B$K$O(B Windows $B%`!<%S!<%a!<%+!<$,F1:-$5$l$F$$$k!#(B

MS10-051 - $B6[5^(B: Microsoft XML $B%3%"(B $B%5!<%S%9$N@H

$B!!(BMicrosoft XML $B%3%"(B $B%5!<%S%9(B 3.0 $B$K7g4Y!#!V(BMSXML $B$,(B HTTP $B1~Ez$r=hM}$9$kJ}K!!W$K7g4Y$,$"$j!"96N,(B Web $B%Z!<%8$r1\Mw$9$k$HG$0U$N%3!<%I$,CVE-2010-2561$B!#(B Exploitability Index: 2

MS10-052 - $B6[5^(B: Microsoft MPEG Layer-3 $B%3!<%G%C%/$N@H

$B!!(BWindows XP / Server 2003 $B$K7g4Y!#(B MPEG Layer-3 $B%*!<%G%#%*%3!<%G%C%/$K7g4Y$,$"$j!"96N,%*!<%G%#%*%U%!%$%k$r3+$/$HG$0U$N%3!<%I$,CVE-2010-1882$B!#(B Exploitability Index: 1

MS10-053 - $B6[5^(B: Internet Explorer $BMQ$NN_@QE*$J%;%-%e%j%F%#99?7%W%m%0%i%`(B (2183461)

$B!!(BIE 6 / 7 / 8 $B$K(B 6 $B$D$N7g4Y$,$"$j!">pJsO31L$dG$0U$N%3!<%I$N7$/!#(B

  • $B%$$Y%s%H(B $B%O%s%I%i!<$N%/%m%9(B $B%I%a%$%s$N@HCVE-2010-1258

    IE 6 / 7 / 8 $B$K7g4Y$,$"$j!"96N,(B Web $B%Z!<%8$r1\Mw$7!"$+$D!V%^%&%9$r;HMQ$7$F%V%i%&%6!<%&%#%s%I%&$HBPOC$9$k!W$H>pJsO31L$,H/@8!#(B Exploitability Index: 3

  • $B=i4|2=$5$l$F$$$J$$%a%b%jGKB;$N@HCVE-2010-2556

    IE 6 / 7 / 8 $B$K7g4Y$,$"$j!"96N,(B Web $B%Z!<%8$r1\Mw$9$k$HG$0U$N%3!<%I$,

  • $B=i4|2=$5$l$F$$$J$$%a%b%jGKB;$N@HCVE-2010-2557

    IE 6 $B$K7g4Y$,$"$j!"96N,(B Web $B%Z!<%8$r1\Mw$9$k$HG$0U$N%3!<%I$,

  • $B6%9g>uBV$N%a%b%jGKB;$N@HCVE-2010-2558

    IE 6 / 7 / 8 $B$K7g4Y$,$"$j!"96N,(B Web $B%Z!<%8$r1\Mw$9$k$HG$0U$N%3!<%I$,

  • $B=i4|2=$5$l$F$$$J$$%a%b%jGKB;$N@HCVE-2010-2559

    IE 8 $B$K7g4Y$,$"$j!"96N,(B Web $B%Z!<%8$r1\Mw$9$k$HG$0U$N%3!<%I$,

  • HTML $B%l%$%"%&%H$N%a%b%jGKB;$N@HCVE-2010-2560

    IE 6 / 7 / $B$K7g4Y$,$"$j!"96N,(B Web $B%Z!<%8$r1\Mw$9$k$HG$0U$N%3!<%I$,

MS10-054 - $B6[5^(B: SMB $B%5!<%P!<$N@H

$B!!(BWindows XP / Server 2003 / Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y!#(BSMB $B%W%m%H%3%k

  • SMB $B$N%W!<%k(B $B%*!<%P!<%U%m!<$N@HCVE-2010-2550

    Windows XP / Server 2003 / Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y!#(BSMB $B%W%m%H%3%kl9g$OG'>Z$OITMW!#(B Windows Server 2003 / Vista / Server 2008 / 7 / Server 2008 R2 $B$G$O!"!V%Q%9%o!<%I%Y!<%9$N6&M-$,L58z!W$G$"$l$PG'>Z$OITMW!"$=$&$G$J$1$l$PG'>Z$,I,MW!#(B Exploitability Index: 2

    $B4XO"(B: MS10-054: Exploitability Details for the SMB Server Update (Microsoft Security Research & Defense, 2010.08.10)

  • SMB $B$NJQ?t$N8!>Z$N@HCVE-2010-2551

    Windows Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y!#(B SMB $B%W%m%H%3%k

  • SMB $B$N%9%?%C%/>CHq$N@HCVE-2010-2552

    Windows Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y!#(B SMB $B%W%m%H%3%k

MS10-055 - $B6[5^(B: Cinepak Codec $B$N@H

$B!!(BWindows XP / Vista / 7 $B$K7g4Y!#(BCinepak Codec $B$K7g4Y$,$"$j!"96N,%a%G%#%"%U%!%$%k$r3+$/$HG$0U$N%3!<%I$,CVE-2010-2553$B!#(B Exploitability Index: 1

MS10-056 - $B6[5^(B: Microsoft Office Word $B$N@H

$B!!(BMicrosoft Word 2002 (XP) / 2003 / 2007$B!"(BOffice 2004 / 2008 for Mac$B!"(B Open XML File Format Converter for Mac$B!"(BWord Viewer$B!"(B Word/Excel/PowerPoint 2007 $B%U%!%$%k7A<0MQ(B Microsoft Office $B8_495!G=%Q%C%/!"(BWorks 9 $B$K(B 4 $B$D$N7g4Y!#(B

  • Word $B$N%l%3!<%I$N2r@O$N@HCVE-2010-1900

    Microsoft Word 2002 (XP) / 2003 / 2007$B!"(BOffice 2004 / 2008 for Mac$B!"(B Open XML File Format Converter for Mac$B!"(BWord Viewer$B!"(B Word/Excel/PowerPoint 2007 $B%U%!%$%k7A<0MQ(B Microsoft Office $B8_495!G=%Q%C%/!"(BWorks 9 $B$K7g4Y!#(B Word $B%U%!%$%k$N=hM}$K7g4Y$,$"$j!"(B $B96N,(B Word $B%U%!%$%k$r3+$/$HG$0U$N%3!<%I$,

  • Word $B$N(B RTF $B7A<0$N2r@O%(%s%8%s$N%a%b%jGKB;$N@HCVE-2010-1901

    Microsoft Word 2002 (XP) / 2003 / 2007$B!"(BOffice 2004 / 2008 for Mac$B!"(B Open XML File Format Converter for Mac$B!"(BWord Viewer$B!"(B Word/Excel/PowerPoint 2007 $B%U%!%$%k7A<0MQ(B Microsoft Office $B8_495!G=%Q%C%/$K7g4Y!#(B RTF $B7A<0%G!<%?$N2r@O$K7g4Y$,$"$j!"96N,(B RTF $B7A<0%G!<%?$K$h$C$FG$0U$N%3!<%I$,

  • Word $B$N(B RTF $B7A<0$N2r@O$N%P%C%U%!!<(B $B%*!<%P!<%U%m!<$N@HCVE-2010-1902

    Microsoft Word 2002 (XP) / 2003 / 2007$B!"(BOffice 2004 / 2008 for Mac$B!"(B Open XML File Format Converter for Mac$B!"(BWord Viewer$B!"(B Word/Excel/PowerPoint 2007 $B%U%!%$%k7A<0MQ(B Microsoft Office $B8_495!G=%Q%C%/$K7g4Y!#(B RTF $B7A<0%G!<%?$N2r@O$K7g4Y$,$"$j!"96N,(B RTF $B7A<0%G!<%?$K$h$C$FG$0U$N%3!<%I$,

  • Word HTML $B%j%s%/%*%V%8%'%/%H$N%a%b%jGKB;$N@HCVE-2010-1903

    Microsoft Word 2002 (XP) / 2003$B!"(BWord Viewer $B$K7g4Y!#(B Word $B%U%!%$%k$N=hM}$K7g4Y$,$"$j!"96N,(B Word $B%U%!%$%k$r3+$/$HG$0U$N%3!<%I$,

MS10-057 - $B=EMW(B: Microsoft Office Excel $B$N@H

$B!!(BExcel 2002 (XP) / 2003$B!"(BOffice 2004 / 2008 for Mac$B!"(B Open XML File Format Converter for Mac $B$K7g4Y!#(B Excel $B%U%!%$%k$N2r@OJ}K!$K7g4Y$,$"$j!"96N,(B Excel $B%U%!%$%k$r3+$/$HG$0U$N%3!<%I$,CVE-2010-2562$B!#(B Exploitability Index: 1

MS10-058 - $B=EMW(B: TCP/IP $B$N@H:3J$5$l$k(B (978886)

$B!!(BWindows Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y!#(B TCP/IP $Be>:$,2DG=!#(B

  • IPv6 $B$N%a%b%jGKB;$N@HCVE-2010-1892

    Windows Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y!#(B IPv6 $B

  • Windows $B%M%C%H%o!<%-%s%0$N@0?t$N%*!<%P!<%U%m!<$N@HCVE-2010-1893

    Windows Vista SP1 / Server 2008 gold / 7 / Server 2008 $B$K7g4Y!#(B $BF~NO%P%C%U%!!<$N=hM}$K7g4Y$,$"$j!"(Blocal user $B$K$h$k8"8B>e>:$,2DG=!#(B Vista SP2 / Server SP2 $B$K$O$3$N7g4Y$O$J$$!#(B Exploitability Index: 1

MS10-059 - $B=EMW(B: $B%5!<%S%9$N%H%l!<%95!G=$N@H:3J$5$l$k(B (982799)

$B!!(BWindows Vista / Server 2008 / 7 / Server 2008 R2 $B$K7g4Y!#(B $B%5!<%S%9$N%H%l!<%95!G=$K(B 2 $B$D$N7g4Y$,$"$j!"(Blocal user $B$K$h$k8"8B>e>:$r>7$/!#(B

  • $B%l%8%9%H%j(B $B%-!<$N(B ACL $B$N%H%l!<%9$N@HCVE-2010-2554

    $B%f!<%6$,!V%5!<%S%9$N%H%l!<%95!G=$N%l%8%9%H%j(B $B%-!<$KIT@53N$J%"%/%;%9@)8f%j%9%H(B (ACL) $B$rG[CV$7$?>l9g!W$K!"(Blocal user $B$K$h$k8"8B>e>:$r>7$/!#(B Exploitability Index: N/A

  • $B%H%l!<%9$N%a%b%jGKB;$N@HCVE-2010-2555

    $B%l%8%9%H%j$N=hM}$K7g4Y$,$"$j!"D9Bg$J%l%8%9%H%j$K$h$C$F8"8B>e>:$,2DG=!#(B Exploitability Index: 1

MS10-060 - $B6[5^(B: Microsoft .NET $B6&DL8@8l%i%s%?%$%`$*$h$S(B Microsoft Silverlight $B$N@H

$B!!(B.NET Framework 2.0 / 3.5$B!"(BSilverlight 2 / 3 $B$K(B 2 $B$D$N7g4Y!#(B

  • Microsoft Silverlight $B$N%a%b%jGKB;$N@HCVE-2010-0019

    Silverlight 3 $B$K7g4Y!#%]%$%s%?$N=hM}$K7g4Y$,$"$j!"(B $B96N,(B Web $B%Z!<%8$r1\Mw$9$k$HG$0U$N%3!<%I$,

  • Microsoft Silverlight $B$*$h$S(B Microsoft .NET Framework CLR $B$N2>A[%a%=%C%I$N0QG$$N@HCVE-2010-1898

    .NET Framework 2.0 / 3.5$B!"(BSilverlight 2 / 3 $B$K7g4Y$,$"$j!"(B $B96N,(B Web $B%Z!<%8$r1\Mw$9$k$HG$0U$N%3!<%I$,

2011.01.18 $BDI5-(B:

$B!!(BInternet Explorer 8 Upgrade Advisor does not function correctly after you install update 2183461 in Windows 7 or in Windows Server 2008 R2 (Microsoft KB 2398632)$B!#(BMS10-053 patch $B$NI{:nMQ!#(B

$B"#(B APSB10-16: Security update available for Adobe Flash Player
(Adobe, 2010.08.10)

$B!!(BFlash Player 10.1.82.76 / 9.0.280.0$B!"(BAIR 2.0.3 $BEP>l!#(B $B$=$l$h$jA0$NHG$K$O(B 6 $B7$/$b$N$,(B 5 $B$D!"%/%j%C%/%8%c%C%-%s%0$N0z6b$K$J$k$b$N$,(B 1 $B$D!#(B

$B"#(B 2010.08.10

$B"#(B $BDI5-(B

$B!V(BJailbreakMe 2.0$B!W$,(BPDF$B%(%/%9%W%m%$%H$r;HMQ(B

$B!!(BJailbreakme.com flaw not a PDF vulnerability (Sophos, 2010.08.04)

To date, Apple's security approach has only involved controlling applications in their store so they can provide a safe environment, but this incident could bring the perception of Apple as a virus-free platform to an end. If Apple does not design security into the platform, this incident may only be the tip of the proverbial iceberg.

$B!!$"$H!"Ev3:(B PDF $B%U%!%$%k$G(B Foxit Reader $B$,(B crash $B$9$k7o$K$D$$$F!"(B Foxit Reader 4.1.1.0805 $B$G=$@5$5$l$?$=$&$G$9!#(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) Windows $B%7%'%k$N@H

$B!!4XO"(B:

$B"#(B 2010.08.09

$B"#(B 2010.08.06

$B"#(B APSB10-17: Security Advisory for Adobe Reader and Acrobat
(Adobe, 2010.08.05)

$B!!(BAdobe Reader / Acrobat 9.3.3 / 8.2.3 $B0JA0$KJ#?t$N7g4Y$,$"$j!"(B 2010.08.16 $B$N=5(B ($B$5Mh=5(B) $B$K99?7HG$rDjNc30%j%j!<%9$9$kM=Dj!#(B $B=$@5$5$l$k7g4Y$K$O!"(BBlack Hat USA 2010 $B$GH/I=$5$l$?!"(B [SA40766] Adobe Reader/Acrobat Font Parsing Integer Overflow Vulnerability (CVE-2010-2862) $B$b4^$^$l$k!#(B

2010.08.18 $BDI5-(B:

$B!!(BAPSB10-17 $B$,2~D{$5$l$?!#(B

Adobe expects to make these updates available on Thursday August 19, 2010.

$B!!JF9qF|IU$G$7$g$&$+$i!"F|K\;~4V$G$O(B 2010.08.20 $B$+$J!#(B

2010.08.24 $BDI5-(B:

$B!!(BAPSB10-17 $B$,:FEY2~D{$5$l$F$^$9!#(B $BM=Dj$I$*$j(B 2010.08.20 $B$K=P$^$7$?!#(BCVE-2010-2862 $B$NB>$K$b!"(B CVE-2010-1240 $B$,=$@5$5$l$F$$$k!#(B/Launch /Action $B$N7o!"7Y9p2hLL$NI=5-$N:>>N$KBP$9$k!"$5$i$J$kBP1~$NLOMM!#(B

$B"#(B Thunderbird 3.1.2 $B$r8x3+$7$^$7$?(B
(Mozilla Japan $B%V%m%0(B, 2010.08.06)

$B!!(BThunderbird 3.1.2 $BEP>l!#(B$B%j%j!<%9%N!<%H(B$B!#(B $B%;%-%e%j%F%#=$@5$O$J$$$_$?$$!#(B

$B"#(B $BDI5-(B

$B!V(BJailbreakMe 2.0$B!W$,(BPDF$B%(%/%9%W%m%$%H$r;HMQ(B

$B!!(BJailbreakme.com ($B$F$C$7!<$N4]=P$7(B, 2010.08.03)

$B"#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#>pJs$N;vA0DLCN(B - 2010 $BG/(B 8 $B7n(B
(Microsoft, 2010.08.06)

$B!!6[5^(B x 8$B!"=EMW(B x 6$B!#(BIE$B!"(BOffice$B!"(BSilverlight $B$"$j(B ($B$$$:$l$b!V6[5^!W(B)$B!#(BWord 2007 $B$K!V6[5^!W$,$D$$$F$^$9$h!#(B

$B"#(B 2010.08.05

$B"#(B 2010.08.04

$B"#(B $B!V(BJailbreakMe 2.0$B!W$,(BPDF$B%(%/%9%W%m%$%H$r;HMQ(B
($B%(%U%;%-%e%"%V%m%0(B, 2010.08.03)

$B!!(BJailbreakMe 2.0 $B$O(B PDF $B%U%!%$%k$G$"$j!"(BSafari $B$KFbB"$5$l$?(B PDF $B%S%e!<%"$N7g4Y$r96N,$7$F(B jailbreak $B$9$k!#(B $B$3$N7g4Y$N!"%^%k%&%'%"$X$N0-MQ$,7|G0$5$l$F$$$kLOMM!#(B

2010.08.06 $BDI5-(B:

$B!!(BJailbreakme.com ($B$F$C$7!<$N4]=P$7(B, 2010.08.03)

2010.08.10 $BDI5-(B:

$B!!(BJailbreakme.com flaw not a PDF vulnerability (Sophos, 2010.08.04)

To date, Apple's security approach has only involved controlling applications in their store so they can provide a safe environment, but this incident could bring the perception of Apple as a virus-free platform to an end. If Apple does not design security into the platform, this incident may only be the tip of the proverbial iceberg.

$B!!$"$H!"Ev3:(B PDF $B%U%!%$%k$G(B Foxit Reader $B$,(B crash $B$9$k7o$K$D$$$F!"(B Foxit Reader 4.1.1.0805 $B$G=$@5$5$l$?$=$&$G$9!#(B

2010.08.12 $BDI5-(B:

$B!!(BiOS $B=$@5HG=P$^$7$?!#(B

2010.08.18 $BDI5-(B:

$B!!(BiOS 4.0.2 / 3.2.2 $B$G=$@5$5$l$?7g4Y(B:

$B!!(BFreeType $B$NJ}$O(B iOS $B$K$H$I$^$i$J$$(B:

$B!!4XO"(B:

$B"#(B 2010.08.03

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) Windows $B%7%'%k$N@H

$B!!=P$^$7$?(B: MS10-046 - $B6[5^(B: Windows $B%7%'%k$N@H (Microsoft, 2010.08.03)$B!#(BExploitability Index: 1

$B"#(B 2010.08.02

$B"#(B $B$$$m$$$m(B (2010.08.02)
(various)

$B"#(B 2010.08.01

$B"#(B Wireshark 1.2.10, 1.0.15, and 1.4.0rc2 Released
(Wireshark.org, 2010.07.29)

$B!!(BWireshark 1.2.10 / 1.0.15 $BEP>l!#(B2 $BCVE-2010-2287 CVE-2010-2284

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (2286198) Windows $B%7%'%k$N@H

$B!!(B2010.08.03 $B$KDjNc30$G(B hotfix $B$,Ds6!$5$l$kM=Dj$G$9(B: Windows $B$N%;%-%e%j%F%#99?7$N;vA0DLCN(B ($BDjNc30(B) ($BF|K\$N%;%-%e%j%F%#%A!<%`(B, 2010.07.30)

[$B%;%-%e%j%F%#%[!<%k(B memo]
[$B;d$K$D$$$F(B]