English
¢¸¢· µÚ·Î
Ãë¾àÁ¡ID 26196
À§Çèµµ 40
Æ÷Æ® 139,445
ÇÁ·ÎÅäÄÝ TCP
ºÐ·ù SMB
»ó¼¼¼³¸í ÇØ´ç ½Ã½ºÅÛ¿¡´Â Internet Explorer¿¡ ´ëÇÑ 2006³â 4¿ù ´©Àû ÆÐÄ¡(Cumulative Patch)¿ë Hotfix (MS06-013, 912812)°¡ ¼³Ä¡µÇ¾î ÀÖÁö ¾Ê´Ù. ÀÌ ÆÐÄ¡´Â ´©Àû ¾÷µ¥ÀÌÆ®ÀÎ º¸¾È °Ô½Ã¹° (MS05-054, 905915)¿¡¼­ Á¦°øµÈ ¾÷µ¥ÀÌÆ®¸¦ ´ëüÇÏ°í »õ·Î ¹ß°ßµÈ ´ÙÀ½ÀÇ °ø°³ Ãë¾àÁ¡¿¡ ´ëÇÑ ÇØ°áÃ¥À» Æ÷ÇÔÇÏ°í ÀÖ´Ù:

- DHTML Method Call ¸Þ¸ð¸® Á¶ÀÛ Ãë¾àÁ¡ (CVE-2006-1359): ¿ø°Ý ÄÚµå ½ÇÇà
- Multiple Event Handler ¸Þ¸ð¸® Á¶ÀÛ Ãë¾àÁ¡ (CVE-2006-1245): ¿ø°Ý ÄÚµå ½ÇÇà
- HTA ½ÇÇà Ãë¾àÁ¡ (CVE-2006-1388): ¿ø°Ý ÄÚµå ½ÇÇà
- HTML Parsing Ãë¾àÁ¡ (CVE-2006-1185): ¿ø°Ý ÄÚµå ½ÇÇà
- COM Object ÀνºÅϽº »ý¼º ¸Þ¸ð¸® Á¶ÀÛ Ãë¾àÁ¡ (CVE-2006-1186): ¿ø°Ý ÄÚµå ½ÇÇà
- HTML Tag ¸Þ¸ð¸® Á¶ÀÛ Ãë¾àÁ¡ (CVE-2006-1188): ¿ø°Ý ÄÚµå ½ÇÇà
- Double ¹ÙÀÌÆ® ¹®ÀÚ Parsing ¸Þ¸ð¸® Á¶ÀÛ Ãë¾àÁ¡ (CVE-2006-1189): ¿ø°Ý ÄÚµå ½ÇÇà
- ½ºÅ©¸³Æ® ½ÇÇà Ãë¾àÁ¡ (CVE-2006-1190): ¿ø°Ý ÄÚµå ½ÇÇà
- Cross-Domain Á¤º¸ ³ëÃâ Ãë¾àÁ¡ (CVE-2006-1191): Á¤º¸ ³ëÃâ
- Address Bar Spoofing Ãë¾àÁ¡ (CVE-2006-1192): ½ºÇªÇÎ(Spoofing)

»ç¿ëÀÚ°¡ °ü¸®ÀÚ ±ÇÇÑÀ¸·Î ·Î±×¿ÂÇÑ °æ¿ì, °ø°ÝÀÚ°¡ ÀÌ Ãë¾àÁ¡ÀÇ °¡Àå ½É°¢ÇÑ ºÎºÐÀ» ¼º°øÀûÀ¸·Î ¾Ç¿ëÇÑ´Ù¸é ÇÁ·Î±×·¥ ¼³Ä¡, µ¥ÀÌÅÍ º¸±â, º¯°æ ¶Ç´Â »èÁ¦, ¸ðµç ±ÇÇÑÀ» °¡Áø »õ °èÁ¤ ¸¸µé±â µîÀÇ ÀÛ¾÷À» Æ÷ÇÔÇÏ¿© ÇØ´ç ½Ã½ºÅÛÀ» ¿ÏÀüÈ÷ Á¦¾îÇÒ ¼ö ÀÖ´Ù. ½Ã½ºÅÛ¿¡ ´ëÇÑ ³·Àº ±ÇÇÑÀÌ ÇÒ´çµÇ¾î ÀÖ´Â °èÁ¤ÀÇ »ç¿ëÀÚ´Â °ü¸®ÀÚ ±ÇÇÑÀ¸·Î ÀÛ¾÷ÇÏ´Â »ç¿ëÀÚ¿¡ ºñÇØ À§Ç輺ÀÌ ³·´Ù.

* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº Á¡°ËÇϱâ À§ÇÑ ¿ø°ÝÁö È£½ºÆ®ÀÇ ·¹Áö½ºÆ®¸®¸¦ ¾×¼¼½ºÇÒ ¼ö ÀÖ´Â Guest ȤÀº ±× ÀÌ»óÀÇ ±ÇÇÑÀ» °¡Áø °èÁ¤À» ÇÊ¿ä·Î ÇÑ´Ù. ÀÌ·¯ÇÑ Á¶°ÇÀÌ ¾ÈµÇ¸é Á¡°ËÀ» ¼öÇàÇÒ ¼ö ¾øÀ¸¸ç ¸ðµç Ãë¾àÇÑ È£½ºÆ®µé¿¡ ´ëÇؼ­ °ÅÁþ À½¼º¹ÝÀÀ(False Negative)À» º¸ÀÏ ¼ö ÀÖ´Ù.

* Âü°í »çÀÌÆ®:
http://www.microsoft.com/technet/security/bulletin/ms06-013.mspx

* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Internet Explorer 5.01 SP3 on Windows 2000 SP3
Internet Explorer 5.01 SP4 on Windows 2000 SP4
Internet Explorer 5.5 SP2 on Microsoft Windows ME
Internet Explorer 6 SP1 on Microsoft Windows 2000 SP4, Windows XP SP1
Internet Explorer 6 SP1 on Microsoft Windows 98, ME
Internet Explorer 6 for Windows XP SP1 (64-Bit Edition)
Internet Explorer 6 for Windows XP 64-Bit Edition Version 2003
Internet Explorer 6 for Windows XP SP2
Internet Explorer 6 for Windows Server 2003 SP1
Internet Explorer 6 for Windows Server 2003 64-Bit Edition
ÇØ°áÃ¥ ´ÙÀ½ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ® º¸¾È °Ô½Ã¹° MS06-013À» ÂüÁ¶ÇÏ¿© ½Ã½ºÅÛ¿¡ ´ëÇÑ ÀûÀýÇÑ ÆÐÄ¡(912812)¸¦ Àû¿ëÇÑ´Ù:
http://www.microsoft.com/technet/security/bulletin/ms06-013.mspx

-- ¶Ç´Â --

Windows Ç÷§ÆûµéÀ» À§ÇÑ ÆÐÄ¡µéÀº ¶ÇÇÑ Microsoft Windows Update À¥ »çÀÌÆ®ÀÎ http://windowsupdate.microsoft.com ¿¡¼­µµ ±¸ÇÒ ¼ö ÀÖ´Ù. Windows Update´Â »ç¿ë ÁßÀÎ WindowsÀÇ ¹öÀüÀ» ÀÚµ¿À¸·Î ã¾Æ³»°í ÀûÀýÇÑ ÆÐÄ¡¸¦ Á¦°øÇØ ÁØ´Ù.
°ü·Ã URL CVE-2006-1359,CVE-2006-1245,CVE-2006-1388,CVE-2006-1185,CVE-2006-1186,CVE-2006-1188,CVE-2006-1189,CVE-2006-1190,CVE-2006-1191,CVE-2006-1192 (CVE)
°ü·Ã URL 17131,17181,17196 (SecurityFocus)
°ü·Ã URL 25379,25394,25292,25547,25551 (ISS)