Home > Àüü±â»ç

[±ä±Þ] ¾îµµºñ Ç÷¡½Ã Ç÷¹À̾î, 36°³ º¸¾ÈÆÐÄ¡ ¹ßÇ¥

ÀÔ·Â : 2015-07-09 11:40
ÆäÀ̽ººÏ º¸³»±â Æ®À§ÅÍ º¸³»±â ³×À̹ö ¹êµå º¸³»±â Ä«Ä«¿À ½ºÅ丮 º¸³»±â ³×À̹ö ºí·Î±× º¸³»±â
¾îµµºñ, Á¤º¸³ëÃâ ¹®Á¦ µî 36°³ º¸¾È Ãë¾àÁ¡ ÆÐÄ¡ÇÑ ¾÷µ¥ÀÌÆ® ¹ßÇ¥

UAF Ãë¾àÁ¡, ÃÖ±Ù À¥ºê¶ó¿ìÀú³ª À¥ºê¶ó¿ìÀú Ç÷¯±×Àο¡¼­ ¹ß»ý

Ç÷¡½Ã¿Í À¥ºê¶ó¿ìÀú µî ÃֽŹöÀü ¾÷µ¥ÀÌÆ® Çʼö

 

[º¸¾È´º½º ±è°æ¾Ö] Á¤ºÎ±â°ü¿¡ ½ºÆÄÀÌ¿þ¾î(Spyware)¸¦ ÆǸÅÇÏ´ø ÀÌÅ»¸®¾Æ º¸¾È¾÷ü ÇØÅ·ÆÀ(Hacking Team)ÀÇ ÇØÅ· ¼Ò½ÄÀº Àü¼¼°è¸¦ ¹ßĬ µÚÁý¾î ³õ¾Ò´Ù.

 ¡ã ¾îµµºñ º¸¾ÈÆÐÄ¡ ¾÷µ¥ÀÌÆ® ¹ßÇ¥ ĸóȭ¸é

ÇØÅ·ÆÀÀÇ ÀÚ·á°¡ À¯ÃâµÈ °æ·Î·Î UAF(Use-After-Free) Ãë¾àÁ¡À» ÅëÇÑ Á¦·Îµ¥ÀÌ(0-Day) º¸¾ÈÃë¾àÁ¡(CVE-2015-5119)ÀÌ Áö¸ñµÇ¸é¼­ ¾îµµºñ¿¡¼­µµ ¼­µÑ·¯ 36°³ Ãë¾àÁ¡À» º¸¾È ÆÐÄ¡¸¦ ¹ßÇ¥Çß´Ù.

ƯÈ÷, »çÀ̹ö¹üÁË Á¶Á÷ÀÌ °ø°³µÈ PoC Äڵ带 ÀÌ¿ëÇØ Angler Exploit Kit, Neutrino Exploit Kit, Nuclear Exploit Kit Ãß°¡¸¦ ÅëÇÑ ·£¼¶¿þ¾î(Ransomware) µî ¾Ç¼ºÄÚµå À¯Æ÷¿¡ »ç¿ëÇϱ⠽ÃÀÛÇØ ¹Ýµå½Ã ÃֽŠ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ® ÇØ¾ß ÇÑ´Ù. ÇØ´ç Ãë¾àÁ¡Àº ´ÙÀ½°ú °°´Ù.


µ¿ÀÏ Ãâó Á¤Ã¥ ¿ìȸ¿Í Á¤º¸³ëÃâ ¹®Á¦¸¦ À¯¹ßÇÏ´Â Ãë¾àÁ¡ ÇØ°á

CVE-2014-0578, CVE-2015-3115, CVE-2015-3116, CVE-2015-3125, CVE-2015-5116


Windows 7 64ºñÆ® ȯ°æ¿¡¼­ Flash Èü ¸Þ¸ð¸®ÀÇ ¸Þ¸ð¸® ÁÖ¼Ò ·£´ýÈ­ ±â´É Çâ»ó

CVE-2015-3097


Á¤º¸ ³ëÃâÀ» À¯¹ßÇÏ´Â º¸¾È ¿ìȸ Ãë¾àÁ¡ ÇØ°á

CVE-2015-3114


¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡À» ÅëÇÑ ÄÚµå ½ÇÇà ¹®Á¦ ÇØ°á

CVE-2015-3117, CVE-2015-3123, CVE-2015-3130, CVE-2015-3133, CVE-2015-3134, CVE-2015-4431


UAF(Use-After-Free) Ãë¾àÁ¡À» ÅëÇÑ ÄÚµå ½ÇÇà ¹®Á¦Á¡ ÇØ°á

CVE-2015-3118, CVE-2015-3124, CVE-2015-5117, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3131, CVE-2015-3132, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4430, CVE-2015-5119


°´Ã¼ ŸÀÔ È¥µ¿ Ãë¾àÁ¡À» ÀÌ¿ëÇØ ÄÚµå ½ÇÇàÀÌ °¡´ÉÇÑ ¹®Á¦ ÇØ°á

CVE-2015-3119, CVE-2015-3120, CVE-2015-3121, CVE-2015-3122, CVE-2015-4433, CVE-2015-3126, CVE-2015-4429


Èü ¹öÆÛ ¿À¹öÇ÷οì Ãë¾àÁ¡À» ÅëÇÑ ÄÚµå ½ÇÇà ¹®Á¦ ÇØ°á

CVE-2015-3135, CVE-2015-4432, CVE-2015-5118


À̹ø¿¡ ¹ß°ßµÈ Ãë¾àÁ¡°ú °ü·ÃÇØ º¸¾ÈÀü¹® ÆÄ¿öºí·Î°Å ¿ïÁö ¾Ê´Â ¹ú»õ´Â ¡°UAF Ãë¾àÁ¡Àº °´Ã¼°¡ ¸Þ¸ð¸®¿¡¼­ ÇØÁ¦µÈ ÈÄ¿¡µµ ¿©ÀüÈ÷ ³²¾Æ À־ ÇØÁ¦µÈ ¸Þ¸ð¸® À§Ä¡¿¡¼­ ÀÓÀÇÀÇ µ¥ÀÌÅ͸¦ ÀÛ¼ºÇÒ ¼ö ÀÖ´Ù¡±¸ç ¡°±× °ªÀ» ÂüÁ¶ ¹× ÇÔ¼ö Æ÷ÀÎÅÍ·Î »ç¿ëÇÒ °æ¿ì ÄÚµå ½ÇÇàÀÌ °¡´ÉÇÏ´Ù¡±°í ¸»Çß´Ù.


±×·¯¸é¼­ ±×´Â ¡°ÇöÀç °ø°³µÈ Ãë¾àÁ¡À» ÅëÇØ ¾Ç¼ºÄÚµå À¯Æ÷ ÇàÀ§°¡ ¹ß»ýÇÏ°í ÀÖ¾î ÃֽŠ¹öÀüÀÇ Ç÷¡½Ã ¾÷µ¥ÀÌÆ®¸¦ ÇÏÁö ¾ÊÀ» °æ¿ì À¥»çÀÌÆ® Á¢¼Ó½Ã ÀÚµ¿À¸·Î ¾Ç¼ºÄڵ忡 °¨¿°µÉ ¼ö ÀÖ´Ù¡±¸ç ¡°Ç×»ó ÃֽŠ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®ÇØ¾ß ÇÏ°í, ¾Ç¼ºÄڵ忡 °¨¿°µÇÁö ¾Êµµ·Ï ÁÖÀǸ¦ ±â¿ï¿©¾ß ÇÑ´Ù¡±°í ´çºÎÇß´Ù.


¶Ç ´Ù¸¥ º¸¾ÈÀü¹®°¡´Â ¡°UAF Ãë¾àÁ¡Àº ÃÖ±Ù À¥ºê¶ó¿ìÀú³ª À¥ºê¶ó¿ìÀú Ç÷¯±×Àο¡¼­ ¸¹ÀÌ ¹ß»ýÇÏ´Â Ãë¾àÁ¡ À¯ÇüÀ¸·Î, ÇØ´ç Ãë¾àÁ¡À» ÀÌ¿ëÇؼ­ ¾Ç¼ºÄڵ带 ¼³Ä¡ÇÒ ¼ö Àֱ⠶§¹®¿¡ °ø°ÝÀÚ°¡ ¾Ç¼ºÄڵ带 À¯Æ÷ÇÏ´Â °Í¡±À̶ó¸ç °¢º°ÇÑ ÁÖÀǸ¦ ´çºÎÇß´Ù.


¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î ¹× ¾÷µ¥ÀÌÆ® ¹öÀü

Adobe Flash Player 18.0.0.194 ¹öÀü ¹× ÇÏÀ§ ¹öÀü(Windows, Macintosh) ¡æ Adobe Flash Player 18.0.0.203 ¹öÀü

Adobe Flash Player Extended Support Release 13.0.0.296 ¹öÀü ¹× ÇÏÀ§ ¹öÀü(Windows, Macintosh) ¡æ Adobe Flash Player Extended Support Release 13.0.0.302 ¹öÀü

Adobe Flash Player 11.2.202.468 ¹öÀü ¹× ÇÏÀ§ ¹öÀü(Linux) ¡æ Adobe Flash Player 11.2.202.481 ¹öÀü

Adobe AIR 18.0.0.144 ¹öÀü ¹× ÇÏÀ§ ¹öÀü(Windows) ¡æ Adobe AIR 18.0.0.180 ¹öÀü

Adobe AIR 18.0.0.143 ¹öÀü ¹× ÇÏÀ§ ¹öÀü(Macintosh) ¡æ Adobe AIR 18.0.0.180 ¹öÀü

Adobe AIR SDK 18.0.0.144 ¹öÀü ¹× ÇÏÀ§ ¹öÀü(Windows, Android, iOS) ¡æ Adobe AIR SDK 180.0.0.180 ¹öÀü


Adobe AIR SDK 18.0.0.143 ¹öÀü ¹× ÇÏÀ§ ¹öÀü(Macintosh) ¡æ Adobe AIR SDK 18.0.0.180 ¹öÀü

Adobe AIR SDK & Compiler 18.0.0.144 ¹öÀü ¹× ÇÏÀ§ ¹öÀü(Windows, Android, iOS) ¡æ Adobe AIR SDK & Compiler 18.0.0.180 ¹öÀü

Adobe AIR SDK & Compiler 18.0.0.143 ¹öÀü ¹× ÇÏÀ§ ¹öÀü(Macintosh) ¡æ Adobe AIR SDK & Compiler 18.0.0.180 ¹öÀü

Windows, Macintosh, Linux ¿î¿µ üÁ¦¿ë ±¸±Û Å©·Ò(Google Chrome) À¥ ºê¶ó¿ìÀú »ç¿ëÀÚ´Â ÀÚµ¿ ¾÷µ¥ÀÌÆ®(Chrome ¸ÂÃã¼³Á¤ ¹× Á¦¾î ¡æ Chrome Á¤º¸) ±â´ÉÀ» ÅëÇØ ¡®Google Chrome 43.0.2357.132 ¹öÀü¡¯À¸·Î ¾÷µ¥ÀÌÆ®Çϸé Adobe Flash Player 18.0.0.204 ¹öÀü¡¯À¸·Î ¾÷µ¥ÀÌÆ®°¡ ÀÌ·ç¾îÁø´Ù.


Windows 8 ¿î¿µÃ¼Á¦¿ë Internet Explorer 10 ¹öÀü, Windows 8.1 ¿î¿µÃ¼Á¦¿ë Internet Explorer 11 ¹öÀü À¥ ºê¶ó¿ìÀú »ç¿ëÀÚ´Â Windows Update ÀÚµ¿ ¾÷µ¥ÀÌÆ® ±â´ÉÀ» ÅëÇØ ¡®Adobe Flash Player 18.0.0.194 ¹öÀü ¡æ Adobe Flash Player 18.0.0.203 ¹öÀü¡¯À¸·Î ¾÷µ¥ÀÌÆ®°¡ ÀÌ·ç¾îÁø´Ù.

[±è°æ¾Ö ±âÀÚ(boan3@boannews.com)]


<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(http://www.boannews.com/) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>

  •  
  • 1
  • ÆäÀ̽ººÏ º¸³»±â Æ®À§ÅÍ º¸³»±â ³×À̹ö ¹êµå º¸³»±â Ä«Ä«¿À ½ºÅ丮 º¸³»±â ³×À̹ö ºí·Î±× º¸³»±â

  • ¡°
  •  SNS¿¡¼­µµ º¸¾È´º½º¸¦ ¹Þ¾Æº¸¼¼¿ä!! 
  • ¡±
¾Æ½ºÆ®·Ð½ÃÅ¥¸®Æ¼ ÆÄ¿öºñÁî 2023³â2¿ù23ÀÏ ½ÃÀÛ À§Áîµð¿£¿¡½º 2018
¼³¹®Á¶»ç
³»³â ȸ»ç¿¡ ²À µµÀÔÇÏ°í ½ÍÀº º¸¾È ¼Ö·ç¼Ç ¶Ç´Â Ç÷§ÆûÀº ¹«¾ùÀΰ¡¿ä?
XDR
EDR
AI º¸¾È
Á¦·ÎÆ®·¯½ºÆ®
°ø±Þ¸Á º¸¾È ü°è(SBOM)
Ŭ¶ó¿ìµå º¸¾È ¼Ö·ç¼Ç
±âŸ(´ñ±Û·Î)