English
¢¸¢· µÚ·Î
Ãë¾àÁ¡ID 26652
À§Çèµµ 40
Æ÷Æ® 139.445
ÇÁ·ÎÅäÄÝ TCP
ºÐ·ù SMB
»ó¼¼¼³¸í ÇØ´ç ½Ã½ºÅÛ¿¡´Â ¡®Internet Explorer ´©Àû º¸¾È ¾÷µ¥ÀÌÆ®'¿¡ ´ëÇÑ Hotfix(MS13-059, 2862772)°¡ ¼³Ä¡µÇ¾î ÀÖÁö ¾Ê´Ù.
ÀÌ º¸¾È ¾÷µ¥ÀÌÆ®´Â Internet ExplorerÀÇ ºñ°ø°³ÀûÀ¸·Î º¸°íµÈ Ãë¾àÁ¡ 11°ÇÀ» ÇØ°áÇÑ´Ù. °¡Àå À§ÇèÇÑ Ãë¾àÁ¡À¸·Î ÀÎÇØ »ç¿ëÀÚ°¡ Internet Explorer¸¦ »ç¿ëÇÏ¿© Ư¼öÇÏ°Ô Á¶ÀÛµÈ À¥ ÆäÀÌÁö¸¦ º¼ °æ¿ì ¿ø°Ý ÄÚµå ½ÇÇàÀÌ Çã¿ëµÉ ¼ö ÀÖ´Ù. °¡Àå À§ÇèÇÑ Ãë¾àÁ¡ ¾Ç¿ë¿¡ ¼º°øÇÑ °ø°ÝÀÚ´Â ÇöÀç »ç¿ëÀÚ¿Í µ¿ÀÏÇÑ ±ÇÇÑÀ» ¾òÀ» ¼ö ÀÖ´Ù. ½Ã½ºÅÛ¿¡ ´ëÇÑ »ç¿ëÀÚ ±ÇÇÑÀÌ Àû°Ô ±¸¼ºµÈ °èÁ¤ÀÇ »ç¿ëÀÚ´Â °ü¸®ÀÚ ±ÇÇÑÀ¸·Î ÀÛ¾÷ÇÏ´Â »ç¿ëÀÚ¿¡ ºñÇØ ¿µÇâÀ» Àû°Ô ¹Þ´Â´Ù.

- Internet Explorer ÇÁ·Î¼¼½º ¹«°á¼º ¼öÁØ ÇÒ´ç Ãë¾àÁ¡(CVE-2013-3186)
±ÇÇÑ »ó½Â Ãë¾àÁ¡ÀÌ Internet Explorer°¡ ƯÁ¤ »óȲ¿¡¼­ ÇÁ·Î¼¼½º ¹«°á¼º ¼öÁØ ÇÒ´çÀ» ó¸®ÇÏ´Â ¹æ½ÄÀ¸·Î Á¸ÀçÇÑ´Ù. ÀÌ Ãë¾àÁ¡ ¾Ç¿ë¿¡ ¼º°øÇÑ °ø°ÝÀÚ´Â »ó½ÂµÈ ±ÇÇÑÀ» »ç¿ëÇÏ¿© ÀÓÀÇ Äڵ带 ½ÇÇàÇÒ ¼ö ÀÖ´Ù.

- EUC-JP ¹®ÀÚ ÀÎÄÚµù Ãë¾àÁ¡(CVE-2013-3192)
Internet Explorer¿¡ »çÀÌÆ® °£ ½ºÅ©¸³Æà °ø°ÝÀ» ¼öÇàÇÒ ¼ö ÀÖ´Â Á¤º¸ À¯Ãâ Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù. °ø°ÝÀڴ Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¹®ÀÚ¿­À» À¥»çÀÌÆ®¿¡ »ðÀÔÇÏ¿© »ç¿ëÀÚ°¡ À¥»çÀÌÆ®¸¦ º¼ ¶§ Á¤º¸ À¯ÃâÀÌ ¹ß»ýÇϵµ·Ï ÀÌ Ãë¾àÁ¡À» ¾Ç¿ëÇÒ ¼ö ÀÖ´Ù.

- Internet ExplorerÀÇ ¿©·¯ ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡
Internet Explorer°¡ ¸Þ¸ð¸®ÀÇ °³Ã¼¿¡ ºÎÀûÀýÇÏ°Ô ¾×¼¼½ºÇÒ ¶§ ¿ø°Ý ÄÚµå ½ÇÇà Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù. ÀÌ Ãë¾àÁ¡À¸·Î ÀÎÇØ ¸Þ¸ð¸®°¡ ¼Õ»óµÇ°í °ø°ÝÀÚ°¡ ÇöÀç »ç¿ëÀÚÀÇ ÄÁÅؽºÆ®¿¡¼­ ÀÓÀÇ Äڵ带 ½ÇÇàÇÒ ¼ö ÀÖ´Ù.

* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº Á¡°ËÇϱâ À§ÇÑ È£½ºÆ®·Î ·Î±×ÀÎ ÇÒ ¼ö ÀÖ´Â °ü¸®ÀÚ ±ÇÇÑÀ» °¡Áø °èÁ¤À» ÇÊ¿ä·Î ÇÑ´Ù. ÀÌ·¯ÇÑ Á¶°ÇÀÌ ¾ÈµÇ¸é Á¡°ËÀ» ¼öÇàÇÒ ¼ö ¾øÀ¸¸ç ¸ðµç Ãë¾àÇÑ È£½ºÆ®µé¿¡ ´ëÇؼ­ °ÅÁþ À½¼º¹ÝÀÀ(False Negative)À» º¸ÀÏ ¼ö ÀÖ´Ù.

* Âü°í »çÀÌÆ®:
http://technet.microsoft.com/ko-kr/security/bulletin/ms13-059
http://www.zerodayinitiative.com/advisories/ZDI-13-193/
http://www.zerodayinitiative.com/advisories/ZDI-13-194/
http://www.zerodayinitiative.com/advisories/ZDI-13-195/
http://www.zerodayinitiative.com/advisories/ZDI-13-196/
http://www.zerodayinitiative.com/advisories/ZDI-13-197/
http://www.zerodayinitiative.com/advisories/ZDI-13-198/

* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Internet Explorer 6
Internet Explorer 7
Internet Explorer 8
Internet Explorer 9
Internet Explorer 10
ÇØ°áÃ¥ ´ÙÀ½ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ® º¸¾È °Ô½Ã¹° MS13-059¸¦ ÂüÁ¶ÇÏ¿© ½Ã½ºÅÛ¿¡ ´ëÇÑ ÀûÀýÇÑ ÆÐÄ¡(2862772)¸¦ Àû¿ëÇÑ´Ù:
https://technet.microsoft.com/ko-kr/security/bulletin/ms13-059
-- ¶Ç´Â --
Windows Ç÷§ÆûµéÀ» À§ÇÑ ÆÐÄ¡µéÀº ¶ÇÇÑ Microsoft Windows Update À¥ »çÀÌÆ®ÀÎ http://windowsupdate.microsoft.com ¿¡¼­µµ ±¸ÇÒ ¼ö ÀÖ´Ù. Windows Update´Â »ç¿ë ÁßÀÎ WindowsÀÇ ¹öÀüÀ» ÀÚµ¿À¸·Î ã¾Æ³»°í ÀûÀýÇÑ ÆÐÄ¡¸¦ Á¦°øÇØ ÁØ´Ù.
°ü·Ã URL CVE-2013-3184,CVE-2013-3186,CVE-2013-3187,CVE-2013-3188,CVE-2013-3189,CVE-2013-3190,CVE-2013-3191,CVE-2013-3192,CVE-2013-3193,CVE-2013-3194 (CVE)
°ü·Ã URL 61663,61664,61668,61669,61670,61671,61675,61677,61678,61679,61680 (SecurityFocus)
°ü·Ã URL (ISS)