Vulnerability ID: 26444
Risk level: 40
Ports: 139, 445
Protocol: TCP
Category: SMB
Description: The August 2009 hotfix (MS09-037, 973908) for the remote code execution vulnerabilities in the Microsoft Active Template Library (ATL) is not installed on this system.
On some operating systems this patch replaces the updates provided in security bulletins MS08-048/26364, MS07-047/936782 and MS05-013/26121, and it resolves several privately reported vulnerabilities in Microsoft ATL. These vulnerabilities could allow remote code execution if a user loads a specially crafted component, or loads a control hosted on a malicious web site.
The security update addresses the vulnerabilities by modifying the ATL headers so that components and controls built with them initialize safely from a data stream, and by providing updated versions of the Windows components and controls that were built with the corrected ATL headers.

- A remote code execution flaw in the 'CComVariant::ReadFromStream' function used by the ATL headers affects the Microsoft Video ActiveX control (CVE-2008-0015).

- A remote code execution flaw in the Microsoft Active Template Library can be triggered by causing an error while the 'Load' method of the 'IPersistStreamInit' interface is executing (CVE-2008-0020).

- The ATL headers allow an attacker to force a VariantClear on a variable that was never properly initialized. This can corrupt the data read from the stream and allows execution of arbitrary code (CVE-2009-0901).

- Unsafe use of 'OleLoadFromStream' allows arbitrary objects to be instantiated from the stream, bypassing the security policy that would otherwise apply (CVE-2009-2493).

- A bug in the ATL headers allows a variable to be read from the stream and an invalid variable to be accepted as a valid one, which lets an attacker execute arbitrary code remotely (CVE-2009-2494).
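The flaw class listed above (a persisted VARIANT read from an untrusted stream, with the type tag, the length and even the object to instantiate taken on trust) is illustrated by the following added example. It is not ATL source or Microsoft code: it models a hardened ReadFromStream-style routine in C over a simplified record layout (a 2-byte little-endian type tag followed by the payload). The type codes match OAIdl.h, but the record layout, the fixed 64-byte string buffer, the result codes and the constructed sample streams are assumptions made for the example, and a little-endian host is assumed.

```c
/* Added example, not ATL or Microsoft code: a hardened reader for a
 * persisted-VARIANT-style record, built around the checks MS09-037 is
 * described as adding to the ATL headers. Record layout (2-byte type tag,
 * then payload), the fixed string buffer and the sample streams are
 * assumptions for this example; it assumes a little-endian host. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* A few VARTYPE codes used as type tags (values as in OAIdl.h). */
enum { VT_EMPTY = 0, VT_I4 = 3, VT_BSTR = 8, VT_DISPATCH = 9, VT_UNKNOWN = 13,
       VT_ARRAY = 0x2000, VT_BYREF = 0x4000 };

/* Simplified VARIANT; a fixed buffer stands in for a heap-allocated BSTR. */
typedef struct { uint16_t vt; int32_t lVal; char bstr[64]; } variant_t;

typedef struct { const uint8_t *p; size_t len, pos; } stream_t;

/* Result codes of read_variant_from_stream(). */
enum { RD_OK = 0, RD_SHORT = -1, RD_BADTYPE = -2, RD_TOOLONG = -3, RD_NOOBJ = -4 };

/* Read exactly n bytes or fail: a short read is an error, never "whatever arrived". */
static int stream_read(stream_t *s, void *dst, size_t n)
{
    if (n > s->len - s->pos)
        return 0;
    memcpy(dst, s->p + s->pos, n);
    s->pos += n;
    return 1;
}

int read_variant_from_stream(stream_t *s, variant_t *v)
{
    uint16_t vt;

    /* (1) Put the target in a known (VT_EMPTY) state before anything else touches
     *     it; clearing an uninitialized VARIANT is the CVE-2009-0901 class of bug. */
    memset(v, 0, sizeof *v);

    if (!stream_read(s, &vt, sizeof vt))
        return RD_SHORT;

    /* (2) Pointer-carrying and array types are never accepted from a stream. */
    if (vt & (VT_BYREF | VT_ARRAY))
        return RD_BADTYPE;

    switch (vt) {
    case VT_EMPTY:
        return RD_OK;
    case VT_I4:
        if (!stream_read(s, &v->lVal, sizeof v->lVal))
            return RD_SHORT;
        v->vt = vt;
        return RD_OK;
    case VT_BSTR: {
        uint32_t cb;
        if (!stream_read(s, &cb, sizeof cb))
            return RD_SHORT;
        /* (3) The length is attacker-controlled: bound it before copying. */
        if (cb >= sizeof v->bstr)
            return RD_TOOLONG;
        if (!stream_read(s, v->bstr, cb))
            return RD_SHORT;
        v->bstr[cb] = '\0';
        v->vt = vt;
        return RD_OK;
    }
    case VT_DISPATCH:
    case VT_UNKNOWN:
        /* (4) Never OleLoadFromStream an object whose CLSID the stream chose
         *     (CVE-2009-2493 class); the caller must name the expected type. */
        return RD_NOOBJ;
    default:
        /* (5) Unknown tags are rejected, not treated as valid (CVE-2009-2494 class). */
        return RD_BADTYPE;
    }
}

/* Constructed sample streams (little-endian), not captured from any real control. */
static const uint8_t SAMPLE_I4[]     = { 0x03, 0x00, 0x2a, 0x00, 0x00, 0x00 };      /* VT_I4, 42 */
static const uint8_t SAMPLE_BSTR[]   = { 0x08, 0x00, 0x02, 0x00, 0x00, 0x00, 'h', 'i' };
static const uint8_t SAMPLE_BYREF[]  = { 0x03, 0x40 };                              /* VT_BYREF|VT_I4 */
static const uint8_t SAMPLE_OBJECT[] = { 0x0d, 0x00 };                              /* VT_UNKNOWN */
static const uint8_t SAMPLE_HUGE[]   = { 0x08, 0x00, 0xff, 0xff, 0xff, 0x7f };      /* BSTR, 2 GiB long */
static const uint8_t SAMPLE_TRUNC[]  = { 0x03, 0x00, 0x2a };                        /* VT_I4 cut short */

/* Parse a buffer into g_last and return the result code (for quick checks). */
variant_t g_last;
int parse_sample(const uint8_t *buf, size_t n)
{
    stream_t s = { buf, n, 0 };
    return read_variant_from_stream(&s, &g_last);
}

int main(void)
{
    const struct { const char *name; const uint8_t *buf; size_t n; } samples[] = {
        { "i4", SAMPLE_I4, sizeof SAMPLE_I4 },         { "bstr", SAMPLE_BSTR, sizeof SAMPLE_BSTR },
        { "byref", SAMPLE_BYREF, sizeof SAMPLE_BYREF }, { "object", SAMPLE_OBJECT, sizeof SAMPLE_OBJECT },
        { "huge", SAMPLE_HUGE, sizeof SAMPLE_HUGE },    { "trunc", SAMPLE_TRUNC, sizeof SAMPLE_TRUNC },
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-6s -> %d\n", samples[i].name, parse_sample(samples[i].buf, samples[i].n));
    return 0;
}
```

Only the two well-formed samples parse; the by-reference tag, the object tag, the oversized length and the truncated record are each refused with a distinct code. The design point is that every decision the stream could influence (what type it is, how long it is, which object to create) is checked against what the reader already expects, and the output is initialized before the first of those checks can fail.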

* Notice: This check requires an account with Guest or higher privileges that can access the registry of the remote host being checked. If this condition is not met the check cannot be performed, and it may report a false negative for every vulnerable host.

* Reference site:
http://www.microsoft.com/technet/security/Bulletin/MS09-037.mspx

* Affected platforms:
In Windows Media Player 11
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
Windows Vista
Windows Vista Service Pack 1 and Windows Vista Service Pack 2
Windows Vista x64 Edition
Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2

In Windows ATL Component
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows Vista, Windows Vista Service Pack 1, and Windows Vista Service Pack 2
Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2

In Microsoft Outlook Express 6
Windows Server 2003 Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Server 2003 x64 Edition Service Pack 2

In Windows Media Player 10
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2

In DHTML Editing Component ActiveX Control
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2

In Microsoft MSWebDVD ActiveX Control
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2

Solution: Refer to Microsoft Security Bulletin MS09-037 below and apply the patch (973908) appropriate for the system. Note that 973908 is the bulletin-level article number; the fix is delivered as separate updates for the components listed under "Affected platforms", so verify that the update for each affected component installed on the host is present rather than looking for 973908 alone:
http://www.microsoft.com/technet/security/Bulletin/MS09-037.mspx
-- or --
Patches for Windows platforms are also available from the Microsoft Windows Update web site, http://windowsupdate.microsoft.com . Windows Update automatically detects the version of Windows in use and offers the appropriate patch.
Related URL: CVE-2008-0015, CVE-2008-0020, CVE-2009-0901, CVE-2009-2493, CVE-2009-2494 (CVE)
Related URL: 35558, 35585, 35828, 35832, 35982 (SecurityFocus)