Adobe Flash Player, Photoshop, Bridge ½Å±Ô Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í
[º¸¾È´º½º ±è°æ¾Ö] ¾îµµºñ(Adobe) »ç´Â Photoshop CC, Bridge CC¿¡¼ ¹ß»ýÇÏ´Â Ãë¾àÁ¡°ú Flash Player¿¡¼ ¹ß»ýÇÏ´Â Ãë¾àÁ¡À» ÇØ°áÇÑ º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ¹ßÇ¥Çß´Ù. µû¶ó¼ ³·Àº ¹öÀü »ç¿ëÀÚ´Â ¾Ç¼ºÄÚµå °¨¿°¿¡ Ãë¾àÇÒ ¼ö ÀÖÀ¸¹Ç·Î ÃֽŠ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®ÇØ¾ß ÇÑ´Ù.
¹ß°ßµÈ 25°³ Ãë¾àÁ¡Àº ¡âÀÓÀÇÄÚµå ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â À¯Çü È¥µ· Ãë¾àÁ¡(CVE-2016-0985) ¡âÀÓÀÇÄÚµå ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â use-after-free Ãë¾àÁ¡(CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984) µîÀ¸·Î º¸¾È¾÷µ¥ÀÌÆ®°¡ ¿Ï·áµÆ´Ù.
¶ÇÇÑ ¡âÀÓÀÇÄÚµå ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â Èü ¹öÆÛ ¿À¹öÇ÷οì Ãë¾àÁ¡(CVE-2016-0971) ¡âÀÓÀÇÄÚµå ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡(CVE-2016-0951, CVE-2016-0952, CVE-2016-0953, CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981) µîµµ ÇØ°áµÆ´Ù.
¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î´Â ´ÙÀ½°ú °°´Ù.
ÀÌ¿¡ µû¶ó À©µµ¿ìÁî, ¸Æ ȯ°æÀÇ Adobe Photoshop CC »ç¿ëÀÚ´Â Adobe Photoshop CC 2015 16.1.2(2015.1.2) ¹öÀü ¶Ç´Â Adobe Photoshop CC 2014 15.2.4(2014.2.4) ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù.
¶ÇÇÑ, À©µµ¿ìÁî, ¸Æ ȯ°æÀÇ Adobe Flash Player desktop runtime »ç¿ëÀÚ´Â 20.0.0.306(Internet Explorer) ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ® ÇØ¾ß ÇÑ´Ù.
À̸¦ À§Çؼ´Â Adobe Flash Player Download Center(http://www.adobe.com/go/getflash)¿¡ ¹æ¹®ÇØ ÃֽŠ¹öÀüÀ» ¼³Ä¡ÇÏ°í, ÀÚµ¿ ¾÷µ¥ÀÌÆ®¸¦ ÀÌ¿ëÇØ ¾÷±×·¹À̵åÇØ¾ß ÇÑ´Ù. Adobe Flash Player Extended Support Release »ç¿ëÀÚ´Â 18.0.0.329 ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù.
¸®´ª½º ȯ°æÀÇ Adobe Flash Player »ç¿ëÀÚ´Â 11.2.202.569 ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù. ¶ÇÇÑ, ±¸±Û Å©·Ò ¹× Microsoft EdgeÀÇ ÀÎÅÍ³Ý ÀͽºÇ÷η¯¿¡ Adobe Flash Player¸¦ ¼³Ä¡ÇÑ »ç¿ëÀÚ´Â ÀÚµ¿À¸·Î ÃֽŠ¾÷µ¥ÀÌÆ®¸¦, AIR desktop runtime, AIR SDK °ú Compiler, AIR for Android »ç¿ëÀÚ´Â 20.0.0.260 ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù.
Á»´õ ÀÚ¼¼ÇÑ »çÇ×Àº Çѱ¹ÀÎÅͳÝÁøÈï¿ø ÀÎÅͳÝħÇØ´ëÀÀ¼¾ÅÍ¿¡ ¹®ÀÇ(±¹¹ø ¾øÀÌ 118)ÇÏ¸é µÈ´Ù.
[¿ë¾î Á¤¸®]
Double Free Ãë¾àÁ¡ : ƯÁ¤ Èü ¿µ¿ªÀ» µÎ¹ø ÇØÁ¦½ÃÄÑ ¸Þ¸ð¸® Æ÷ÀÎÅ͸¦ Á¶ÀÛÇÒ ¼ö ÀÖ´Â Ãë¾àÁ¡
Use-After-Free Ãë¾àÁ¡ : ¼ÒÇÁÆ®¿þ¾î ±¸Çö ½Ã µ¿Àû ȤÀº Á¤ÀûÀ¸·Î ÇÒ´çµÈ ¸Þ¸ð¸®¸¦ ÇØÁ¦ÇßÀ½¿¡µµ ºÒ±¸ÇÏ°í À̸¦ °è¼Ó ÂüÁ¶(»ç¿ë)ÇÏ¿© ¹ß»ýÇÏ´Â Ãë¾àÁ¡
[Âü°í»çÀÌÆ®]
[1] https://helpx.adobe.com/security/products/photoshop/apsb16-03.html
[2] https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
[±è°æ¾Ö ±âÀÚ(boan3@boannews.com)]
[º¸¾È´º½º ±è°æ¾Ö] ¾îµµºñ(Adobe) »ç´Â Photoshop CC, Bridge CC¿¡¼ ¹ß»ýÇÏ´Â Ãë¾àÁ¡°ú Flash Player¿¡¼ ¹ß»ýÇÏ´Â Ãë¾àÁ¡À» ÇØ°áÇÑ º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ¹ßÇ¥Çß´Ù. µû¶ó¼ ³·Àº ¹öÀü »ç¿ëÀÚ´Â ¾Ç¼ºÄÚµå °¨¿°¿¡ Ãë¾àÇÒ ¼ö ÀÖÀ¸¹Ç·Î ÃֽŠ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®ÇØ¾ß ÇÑ´Ù.
¹ß°ßµÈ 25°³ Ãë¾àÁ¡Àº ¡âÀÓÀÇÄÚµå ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â À¯Çü È¥µ· Ãë¾àÁ¡(CVE-2016-0985) ¡âÀÓÀÇÄÚµå ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â use-after-free Ãë¾àÁ¡(CVE-2016-0973, CVE-2016-0974, CVE-2016-0975, CVE-2016-0982, CVE-2016-0983, CVE-2016-0984) µîÀ¸·Î º¸¾È¾÷µ¥ÀÌÆ®°¡ ¿Ï·áµÆ´Ù.
¶ÇÇÑ ¡âÀÓÀÇÄÚµå ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â Èü ¹öÆÛ ¿À¹öÇ÷οì Ãë¾àÁ¡(CVE-2016-0971) ¡âÀÓÀÇÄÚµå ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡(CVE-2016-0951, CVE-2016-0952, CVE-2016-0953, CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, CVE-2016-0981) µîµµ ÇØ°áµÆ´Ù.
¿µÇâÀ» ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î´Â ´ÙÀ½°ú °°´Ù.
ÀÌ¿¡ µû¶ó À©µµ¿ìÁî, ¸Æ ȯ°æÀÇ Adobe Photoshop CC »ç¿ëÀÚ´Â Adobe Photoshop CC 2015 16.1.2(2015.1.2) ¹öÀü ¶Ç´Â Adobe Photoshop CC 2014 15.2.4(2014.2.4) ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù.
¶ÇÇÑ, À©µµ¿ìÁî, ¸Æ ȯ°æÀÇ Adobe Flash Player desktop runtime »ç¿ëÀÚ´Â 20.0.0.306(Internet Explorer) ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ® ÇØ¾ß ÇÑ´Ù.
À̸¦ À§Çؼ´Â Adobe Flash Player Download Center(http://www.adobe.com/go/getflash)¿¡ ¹æ¹®ÇØ ÃֽŠ¹öÀüÀ» ¼³Ä¡ÇÏ°í, ÀÚµ¿ ¾÷µ¥ÀÌÆ®¸¦ ÀÌ¿ëÇØ ¾÷±×·¹À̵åÇØ¾ß ÇÑ´Ù. Adobe Flash Player Extended Support Release »ç¿ëÀÚ´Â 18.0.0.329 ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù.
¸®´ª½º ȯ°æÀÇ Adobe Flash Player »ç¿ëÀÚ´Â 11.2.202.569 ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù. ¶ÇÇÑ, ±¸±Û Å©·Ò ¹× Microsoft EdgeÀÇ ÀÎÅÍ³Ý ÀͽºÇ÷η¯¿¡ Adobe Flash Player¸¦ ¼³Ä¡ÇÑ »ç¿ëÀÚ´Â ÀÚµ¿À¸·Î ÃֽŠ¾÷µ¥ÀÌÆ®¸¦, AIR desktop runtime, AIR SDK °ú Compiler, AIR for Android »ç¿ëÀÚ´Â 20.0.0.260 ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù.
Á»´õ ÀÚ¼¼ÇÑ »çÇ×Àº Çѱ¹ÀÎÅͳÝÁøÈï¿ø ÀÎÅͳÝħÇØ´ëÀÀ¼¾ÅÍ¿¡ ¹®ÀÇ(±¹¹ø ¾øÀÌ 118)ÇÏ¸é µÈ´Ù.
[¿ë¾î Á¤¸®]
Double Free Ãë¾àÁ¡ : ƯÁ¤ Èü ¿µ¿ªÀ» µÎ¹ø ÇØÁ¦½ÃÄÑ ¸Þ¸ð¸® Æ÷ÀÎÅ͸¦ Á¶ÀÛÇÒ ¼ö ÀÖ´Â Ãë¾àÁ¡
Use-After-Free Ãë¾àÁ¡ : ¼ÒÇÁÆ®¿þ¾î ±¸Çö ½Ã µ¿Àû ȤÀº Á¤ÀûÀ¸·Î ÇÒ´çµÈ ¸Þ¸ð¸®¸¦ ÇØÁ¦ÇßÀ½¿¡µµ ºÒ±¸ÇÏ°í À̸¦ °è¼Ó ÂüÁ¶(»ç¿ë)ÇÏ¿© ¹ß»ýÇÏ´Â Ãë¾àÁ¡
[Âü°í»çÀÌÆ®]
[1] https://helpx.adobe.com/security/products/photoshop/apsb16-03.html
[2] https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
[±è°æ¾Ö ±âÀÚ(boan3@boannews.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(www.boannews.com) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>
±è°æ¾Ö±âÀÚ ±â»çº¸±â
[2025-04-07] 
.jpg)
(0).jpg){kind=spacer}
