¾ÆÀ̵ðÀúÀå
 
   
Home > Give & Take > CONCERT Hot Line
Çѱ¹Ä§ÇØ»ç°í´ëÀÀÆÀÇùÀÇȸ
  MS Font µå¶óÀ̹ö ¿ø°ÝÄÚµå ½ÇÇà ½Å±Ô Ãë¾àÁ¡ º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í
  »ç¹«±¹   °ü¸®ÀÚ   2015-07-21   

ÇØÅ·ÆÀÀÇ ÇØÅ·ÀÚ·á ºÐ¼®¿¡¼­ ¹ß°ßµÈ »õ·Î¿î Á¦·Îµ¥ÀÌ Ãë¾àÁ¡À¸·Î
MS Font µå¶óÀ̹ö ¿ø°ÝÄÚµå ½ÇÇà ½Å±Ô Ãë¾àÁ¡°ú ÆÐÄ¡°¡ ¹ßÇ¥µÇ¾ú½À´Ï´Ù.

°ø°ÝÀÚ´Â ÇØ´ç Ãë¾àÁ¡À¸·Î Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¹®¼­³ª À¥ ÆäÀÌÁö¸¦ Á¦ÀÛÇØ »ç¿ëÀÚÀÇ ¿­¶÷À» À¯µµÇÏ¿© ¾Ç¼ºÄÚµå À¯Æ÷ °¡´ÉÇÑ Ãë¾àÁ¡À¸·Î MS¿¡¼­ ¿ù°£ Á¤±â ÆÐÄ¡¹èÆ÷ÀÏÁ¤À» µû¸£Áö ¾Ê°í ±ä±Þ ¹èÆ÷ÇÑ ÆÐÄ¡ÀÌ¹Ç·Î ÇØ´çµÇ´Â ½Ã½ºÅÛÀ» ¿î¿ëÁßÀΠȸ¿ø»ç¿¡¼­´Â Çϱ⠳»¿ëÀ» Âü°íÇÏ½Ã¾î ÆÐÄ¡ ¶Ç´Â ¿ÀÇŸÀÔÆùÆ®¸¦ »ç¿ëÇÏÁö ¾Êµµ·Ï Á¶Ä¡ÇϽñ⠹ٶø´Ï´Ù.


À̽ºÆ®¼ÒÇÁÆ® º¸¾ÈÀ̽´ºÐ¼® ºí·Î±×
¿ÀÇŸÀÔ ÆùÆ® µå¶óÀ̹ö Ãë¾àÁ¡ (CVE-2015-2426) ÁÖÀÇ!
http://blog.alyac.co.kr/381

ÇϿ츮 º¸¾È°øÁö
[±ä±Þ] OpenType fonts ÃֽŠÃë¾àÁ¡ (CVE-2015-2426) ÁÖÀÇ
http://www.hauri.co.kr/information/notice_view.html?intSeq=174&page=1



========================================================================
KrCERT °øÁö

°³¿ä
  • ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®´Â Font µå¶óÀ̹ö¿¡¼­ ¿ø°ÝÄÚµå ½ÇÇàÀÌ °¡´ÉÇÑ ½Å±Ô Ãë¾àÁ¡À» º¸¿ÏÇÑ º¸¾È ÆÐÄ¡¸¦ ¹ßÇ¥[1]
  • °ø°ÝÀÚ´Â ÇØ´ç Ãë¾àÁ¡À¸·Î Ư¼öÇÏ°Ô Á¶ÀÛµÈ ¹®¼­³ª À¥ ÆäÀÌÁö¸¦ Á¦ÀÛÇØ »ç¿ëÀÚÀÇ ¿­¶÷À» À¯µµÇÏ¿© ¾Ç¼ºÄÚµå À¯Æ÷ °¡´É
¼³¸í
  • OpenType ÆùÆ®¿¡¼­ ¹ß°ßµÈ ¿ø°ÝÄÚµå ½ÇÇà Ãë¾àÁ¡(CVE-2015-2426, MS15-078)
ÇØ´ç ½Ã½ºÅÛ
  • ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
    - Windows Vista Service Pack 2
    - Windows Vista x64 Edition Service Pack 2
    - Windows Server 2008 for 32-bit Systems Service Pack 2
    - Windows Server 2008 for x64-based Systems Service Pack 2
    - Windows Server 2008 for Itanium-based Service Pack 2
    - Windows 7 for 32-bit Systems Service Pack 1
    - Windows 7 for x64-based Systems Service Pack 1
    - Windows Server 2008 R2 for x64-based Systems Service Pack 1
    - Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
    - Windows 8 for 32-bit Systems
    - Windows 8 for x64-based Systems
    - Windows 8.1 for 32-bit Systems
    - Windows 8.1 for x64-based Systems
    - Windows Server 2012
    - Windows Server 2012 R2
    - Windows RT
    - Windows RT 8.1
    - Windows Server 2008 for 32-bit System Service Pack 2(Server Core installation)
    - Windows Server 2008 for x64-based System Service Pack 2(Server Core installation)
    - Windows Server 2008 R2 for x64-based System Service Pack 1(Server Core installation)
    - Windows Server 2012(Server Core installation)
    - Windows Server 2012 R2(Server Core installation)
ÇØ°á¹æ¾È
  • Windows ÀÚµ¿ ¾÷µ¥ÀÌÆ®¸¦ ÅëÇÑ ¾÷µ¥ÀÌÆ® ½Ç½Ã
    - ÀÚµ¿ ¾÷µ¥ÀÌÆ® : ½ÃÀÛ ¡æ ¸ðµç ÇÁ·Î±×·¥ ¡æ Windows Update ½ÇÇà
[Âü°í»çÀÌÆ®]
[1] https://technet.microsoft.com/en-us/library/security/MS15-078

=============================================================================
  CONCERT Hot Line °Ô½ÃÆÇ ÀÌ¿ë¾È³» »ç¹«±¹ 2013-04-10
401   ±¹³» ÀºÇà´ë»ó DDoS °ø°Ý Çù¹Ú »ç¹«±¹ 2017-06-21
400   3/28 ñé ȫĿ¿¬¸ÍÀÇ Çѱ¹ À¥»çÀÌÆ® °ø°Ý¿¹°í¿¡ ´ë¡¦ »ç¹«±¹ 2017-03-22
399   °³ÀÎÁ¤º¸º¸È£¹ý ÇØ¼³¼­&°³ÀÎÁ¤º¸ÀÇ ¾ÈÁ¤¼ºÈ®º¸Á¶¡¦ »ç¹«±¹ 2017-01-05
398   À¥ ºê¶ó¿ìÀú ¾ÏÈ£ °íµµÈ­ Á¤Ã¥¿¡ µû¸¥ ÁÖÀÇ ±Ç°í »ç¹«±¹ 2016-01-06
397   MS Font µå¶óÀ̹ö ¿ø°ÝÄÚµå ½ÇÇà ½Å±Ô Ãë¾àÁ¡ º¸¡¦ »ç¹«±¹ 2015-07-21
396   [KrCERT] HTTP.sys Ãë¾àÁ¡(CVE-2015-1635) º¸¾ÈÁ¶¡¦ »ç¹«±¹ 2015-04-16
395   Á¤º¸º¸¾È ±â»ç/»ê¾÷±â»ç ÀúÀÚ¹«·áƯº°°­ÀÇ wjcio 2015-03-11
394   À©µµ¼­¹ö 2003 º¸¾È ¼­ºñ½º Áö¿ø Á¾·á °ü·Ã º¸¾È ¡¦ »ç¹«±¹ 2015-03-09
393   [KrCERT]¸®´ª½º Ghost Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í »ç¹«±¹ 2015-01-29
392   Gnu bash Ãë¾àÁ¡(ShellShock) Á¶Ä¡ ÇöȲ Á¶»ç ¿ä¡¦ »ç¹«±¹ 2014-10-01
391   [KrCERT]OpenSSL ´ÙÁß Ãë¾àÁ¡ º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í¡¦ »ç¹«±¹ 2014-06-10
390   [KISA/±ÝÀ¶º¸¾È¿¬±¸¿ø]OpenSSL ´ÙÁßÃë¾àÁ¡ º¸¾È¾÷¡¦ »ç¹«±¹ 2014-06-09
389   [KrCERT/CC]GoZeus, CryptoLocker ¾Ç¼ºÄÚµå ÇÇÇØ¡¦ »ç¹«±¹ 2014-06-03
388   MS IE Á¦·Îµ¥ÀÌ Ãë¾àÁ¡ Á¶Ä¡¹æ¹ý °øÀ¯ »ç¹«±¹ 2014-04-30
387   KISA, OpenSSLÀÇ Ãë¾àÁ¡ ¾Ç¿ëÇÑ °ø°Ý ÁÖÀÇ ´çºÎ »ç¹«±¹ 2014-04-10
   1 2 3 4 5 6 7 8 9 10    
 
°³ÀÎÁ¤º¸Ãë±Þ¹æÄ§