[º¸¾È´º½º ¿øº´Ã¶ ±âÀÚ] ¿¬¸»¿¬½Ã·Î Á¢¾îµé¸é¼ ÃÖ´ë ¼îÇνÃÁðÀ» ³ë¸®°Å³ª ¸¶À½ÀÌ ´À½¼ÇØÁø »ç¶÷µéÀÇ ½É¸®¸¦ °Ü³ÉÇÏ´Â ÇØÅ· °ø°ÝÀÌ ´Ã¾î³ª°í ÀÖ´Â °ÍÀϱî? ÀÚ°í ÀϾ¸é »õ·Î¿î º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í°¡ À̾îÁö°í ÀÖ´Ù. À̹ø¿£ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®(MS)¿Í ¾îµµºñ(Adobe), ±×¸®°í ¾ÖÇÃ(Apple)ÀÌ °¢°¢ Á¤±â, ½Å±Ô º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ±Ç°íÇß´Ù.
MS, 12¿ù º¸¾È À§Çù¿¡ µû¸¥ Á¤±â º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í
MS´Â 12¿ù º¸¾È À§Çù¿¡ µû¸¥ Á¤±â º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ¹ßÇ¥Çß´Ù. À̹ø 12¿ù º¸¾È ¾÷µ¥ÀÌÆ®´Â ÃÑ 12Á¾À¸·Î ±ä±Þ(Critical) 6Á¾, Áß¿ä(Important) 6Á¾À¸·Î µÇ¾î ÀÖ´Ù. ±ä±Þ ¾÷µ¥ÀÌÆ®´Â Windows, Internet Explorer, Edge, Office, Office Service, Web Apps µî ¸Å¿ì ´Ù¾çÇϸç, Áß¿ä ¾÷µ¥ÀÌÆ®´Â ´ëºÎºÐ Windows¿Í ¿¬°üÀÌ ÀÖ´Ù.
±ä±Þ ¾÷µ¥ÀÌÆ®¸¦ Áß½ÉÀ¸·Î °£´ÜÇÏ°Ô »ìÆ캸¸é, Internet Explorer¿ë ´©Àû º¸¾È ¾÷µ¥ÀÌÆ® ¡®MS16-144¡¯´Â ÀÌ¿ëÀÚ°¡ Ư¼öÇÏ°Ô Á¦ÀÛµÈ ¾Ç¼º À¥ÆäÀÌÁö¸¦ ¹æ¹®ÇÏ´Â °æ¿ì, ¿ø°Ý ÄÚµå ½ÇÇàÀ» Çã¿ëÇÏ´Â Ãë¾àÁ¡À¸·Î, ´ÙÁß Á¤º¸ ³ëÃâ Ãë¾àÁ¡(CVE-2016-7278, 7282, 7284), ´ÙÁß ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡(CVE-2016-7202, 7279, 7283, 7287), ºê¶ó¿ìÀú º¸¾È ±â´É ¿ìȸ Ãë¾àÁ¡(CVE-2016-7281)À» ÆÐÄ¡Çß´Ù.
Edge¿ë ´©Àû º¸¾È ¾÷µ¥ÀÌÆ®´Â ÀÌ¿ëÀÚ°¡ Edge¸¦ ÀÌ¿ëÇØ Æ¯¼öÇÏ°Ô Á¦ÀÛµÈ ¾Ç¼º À¥ÆäÀÌÁö¸¦ ¹æ¹®ÇÏ´Â °æ¿ì, ¿ø°Ý ÄÚµå ½ÇÇàÀ» Çã¿ëÇÏ´Â Ãë¾àÁ¡À» ÇØ°áÇÑ ¾÷µ¥ÀÌÆ®´Ù. MS ±×·¡ÇÈ ±¸¼º ¿ä¼Ò¿ë º¸¾È ¾÷µ¥ÀÌÆ®µµ ³ª¿Ô´Ù. Ư¼öÇÏ°Ô Á¦ÀÛµÈ À¥»çÀÌÆ®³ª ¾Ç¼º ¹®¼¸¦ ¿¶÷ÇÒ °æ¿ì ¿ø°Ý ÄÚµå ½ÇÇàÀ» Çã¿ëÇÏ´Â Ãë¾àÁ¡ÀÌ´Ù.
À̹ۿ¡µµ Microsoft ±×·¡ÇÈ ±¸¼º ¿ä¼Ò¿ë º¸¾È ¾÷µ¥ÀÌÆ®¿Í Microsoft Uniscribe¿ë º¸¾È ¾÷µ¥ÀÌÆ®µî ÃÑ 12Á¾ÀÇ ¾÷µ¥ÀÌÆ®°¡ ¹ßÇ¥µÆ´Ù. °¢°¢ÀÇ Ãë¾àÁ¡¿¡ ´ëÇÑ Âü°í»çÀÌÆ®´Â ´ÙÀ½°ú °°´Ù.
[MS16-144]
ÇÑ±Û : https://technet.microsoft.com/ko-kr/library/security/MS16-144
¿µ¹® : https://technet.microsoft.com/en-us/library/security/MS16-144
[MS16-145]
ÇÑ±Û : https://technet.microsoft.com/ko-kr/library/security/MS16-145
¿µ¹® : https://technet.microsoft.com/en-us/library/security/MS16-145
[MS16-146]
ÇÑ±Û : https://technet.microsoft.com/ko-kr/library/security/MS16-146
¿µ¹® : https://technet.microsoft.com/en-us/library/security/MS16-146
[MS16-147]
ÇÑ±Û : https://technet.microsoft.com/ko-kr/library/security/MS16-147
¿µ¹® : https://technet.microsoft.com/en-us/library/security/MS16-147
[MS16-148]
ÇÑ±Û : https://technet.microsoft.com/ko-kr/library/security/MS16-148
¿µ¹® : https://technet.microsoft.com/en-us/library/security/MS16-148
[MS16-149]
ÇÑ±Û : https://technet.microsoft.com/ko-kr/library/security/MS16-149
¿µ¹® : https://technet.microsoft.com/en-us/library/security/MS16-149
[MS16-150]
ÇÑ±Û : https://technet.microsoft.com/ko-kr/library/security/MS16-150
¿µ¹® : https://technet.microsoft.com/en-us/library/security/MS16-150
[MS16-151]
ÇÑ±Û : https://technet.microsoft.com/ko-kr/library/security/MS16-151
¿µ¹® : https://technet.microsoft.com/en-us/library/security/MS16-151
[MS16-152]
ÇÑ±Û : https://technet.microsoft.com/ko-kr/library/security/MS16-152
¿µ¹® : https://technet.microsoft.com/en-us/library/security/MS16-152
[MS16-153]
ÇÑ±Û : https://technet.microsoft.com/ko-kr/library/security/MS16-153
¿µ¹® : https://technet.microsoft.com/en-us/library/security/MS16-153
[MS16-154]
ÇÑ±Û : https://technet.microsoft.com/ko-kr/library/security/MS16-154
¿µ¹® : https://technet.microsoft.com/en-us/library/security/MS16-154
[MS16-155]
ÇÑ±Û : https://technet.microsoft.com/ko-kr/library/security/MS16-155
¿µ¹® : https://technet.microsoft.com/en-us/library/security/MS16-155
Adobe Flash Player ½Å±Ô Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í
¾îµµºñ´Â Adobe Flash Player¿¡¼ ¹ß»ýÇÏ´Â Ãë¾àÁ¡À» ÇØ°áÇÑ º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ¹ßÇ¥Çß´Ù. Adobe´Â ³·Àº ¹öÀü »ç¿ëÀÚ´Â ¾Ç¼ºÄÚµå °¨¿°¿¡ Ãë¾àÇÒ ¼ö ÀÖÀ¸¹Ç·Î ÇØ°á¹æ¾È¿¡ µû¶ó ÃֽŠ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®ÇÒ °ÍÀ» ±Ç°íÇß´Ù.
À̹ø ¾÷µ¥ÀÌÆ®¿¡´Â ÀÓÀÇ ÄÚµå ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â ¡®Use-After-Free Ãë¾àÁ¡(CVE-2016-7872, CVE-2016-7877, CVE-2016-7878, CVE-2016-7879, CVE-2016-7880, CVE-2016-7881, CVE-2016-7892)¡¯, ÀÓÀÇ ÄÚµå ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â ¡®¹öÆÛ ¿À¹öÇ÷οì Ãë¾àÁ¡(CVE-2016-7867, CVE-2016-7868, CVE-2016-7869, CVE-2016-7870)¡¯, ÀÓÀÇ ÄÚµå ½ÇÇàÀ¸·Î À̾îÁú ¼ö ÀÖ´Â ¡®¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡(CVE-2016-7871, CVE-2016-7873, CVE-2016-7874, CVE-2016-7875, CVE-2016-7876)¡¯, ±âÁ¸¿¡ ÆÐÄ¡µÈ Ãë¾àÁ¡¿¡ ´ëÇÑ º¸¾È ¿ìȸ Ãë¾àÁ¡(CVE-2016-7890) µîÀÌ´Ù.
ÇØ°á¹æ¾ÈÀ¸·Î´Â À©µµ¿ìÁî, ¸Æ ȯ°æÀÇ Adobe Flash Player Desktop Runtime »ç¿ëÀÚ´Â 24.0.0.186 ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇÏ¸é µÈ´Ù. À̸¦ À§ÇØ Adobe Flash Player Download Center(http://www.adobe.com/go/getflash)¿¡ ¹æ¹®ÇØ ÃֽŠ¹öÀüÀ» ¼³Ä¡Çϰųª ÀÚµ¿ ¾÷µ¥ÀÌÆ®¸¦ ÀÌ¿ëÇÏ¿© ¾÷±×·¹À̵åÇÏ¸é µÈ´Ù. ¶ÇÇÑ, Adobe Flash Player Extended Support Release »ç¿ëÀÚ´Â 24.0.0.186 ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇÏ¸é µÈ´Ù. ¹Ý¸é, Windows 10 ¹× Windows 8.1¿¡¼ ±¸±Û Å©·Ò, Microsoft Edge, ÀÎÅÍ³Ý ÀͽºÇ÷η¯ 11¿¡ Adobe Flash Player¸¦ ¼³Ä¡ÇÑ »ç¿ëÀÚ´Â ÀÚµ¿À¸·Î ÃֽŠ¾÷µ¥ÀÌÆ®°¡ Àû¿ëµÇ¸ç, ¸®´ª½º ȯ°æÀÇ Adobe Flash Player »ç¿ëÀÚ´Â 24.0.0.186 ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù.
[Âü°í»çÀÌÆ®]
https://helpx.adobe.com/security/products/flash-player/apsb16-39.html
Apple(tvOS, iOS, macOS, Safari, iTunes, iCloud) º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í
¾ÖÇÿ¡¼µµ tvOS, iOS, macOS, Safari, iTunes, iCloud µî¿¡ ´ëÇÑ º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ¹ßÇ¥Çß´Ù. ¾ÖÇÃÀº ÀÚ»ç Á¦Ç°¿¡ ´ëÇØ ´Ù¼öÀÇ Ãë¾àÁ¡À» ÇØ°áÇÑ º¸¾È¾÷µ¥ÀÌÆ®¸¦ °øÁöÇߴµ¥, °ø°ÝÀÚ°¡ Ãë¾àÁ¡À» ÀÌ¿ëÇØ ÇÇÇظ¦ ¹ß»ý½Ãų ¼ö ÀÖ¾î ÇØ´ç ¾ÖÇà Á¦Ç° ÀÌ¿ëÀÚµéÀº ÃֽŠ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®ÇØ¾ß ÇÑ´Ù.
ÇØ´ç º¸¾È ¾÷µ¥ÀÌÆ®¿¡´Â tvOSÀÇ Profiles¿¡¼ ¹ß»ýÇÏ´Â ÀÓÀÇ ÄÚµå ½ÇÇà Ãë¾àÁ¡(CVE-2016-7626) ¿Ü 48°Ç, iOSÀÇ CoreText¿¡¼ ¹ß»ýÇÏ´Â ´ÙÁß ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡(CVE-2016-7595) ¿Ü 63°Ç, macOSÀÇ Bluetooth¿¡¼ ¹ß»ýÇÏ´Â ÀÓÀÇ ÄÚµå ½ÇÇà Ãë¾àÁ¡(CVE-2016-7596) ¿Ü 71°Ç, SafariÀÇ Safari Reader¿¡¼ ¹ß»ýÇÏ´Â XSS Ãë¾àÁ¡(CVE-2016-7650) ¿Ü 23°Ç, iTunesÀÇ WebKit¿¡¼ ¹ß»ýÇÏ´Â ÀÓÀÇ ÄÚµå ½ÇÇà Ãë¾àÁ¡(CVE-2016-7652) ¿Ü 22°Ç, iCloudÀÇ WebKit¿¡¼ ¹ß»ýÇÏ´Â Á¤º¸ ³ëÃâ Ãë¾àÁ¡(CVE-2016-7586) ¿Ü 23°Ç µîÀÌ´Ù.
[Âü°í»çÀÌÆ®]
https://support.apple.com/en-us/HT207425
https://support.apple.com/en-us/HT207422
https://support.apple.com/en-us/HT207423
https://support.apple.com/en-us/HT207421
https://support.apple.com/en-us/HT207427
https://support.apple.com/en-us/HT207424
3°³ ȸ»ç¿¡¼ ¹ßÇ¥ÇÑ º¸¾È ¾÷µ¥ÀÌÆ®¿¡ ´ëÇÑ º¸´Ù ±¸Ã¼ÀûÀÎ »çÇ×Àº Çѱ¹ÀÎÅͳÝÁøÈï¿ø ÀÎÅͳÝħÇØ´ëÀÀ¼¾ÅÍ(±¹¹ø¾øÀÌ 118)·Î ¹®ÀÇÇÏ¸é µÈ´Ù.
[¿øº´Ã¶ ±âÀÚ(boanone@boannews.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(www.boannews.com) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>