â æ¨çåæ»æã«ããã¦å©ç¨ããã Adobe Flash Player ã®èå¼±æ§ãCVE-2012-0779ã Adobe ã¯ã2012å¹´5æ5æ¥ãâAdobe Flash Playerâ ã®è¤æ°ã®ãã¼ã¸ã§ã³ã«åå¨ããèå¼±æ§ãCVE-2012-0779ããä¿®æ£ããã¨çºè¡¨ãã¾ããããç±³å½ã®ã»ãã¥ãªãã£å°é家ãéå¶ããã»ãã¥ãªãã£ããã°ãKrebsonSecurityaãã§ã¯ããã®èå¼±æ§ãå©ç¨ããæ¨çåæ»æã«ã¤ãã¦å ±åããã®æ¨çåæ»æã§ã¯ãEã¡ã¼ã«ã¨ãã¦ã³ã³ãã¥ã¼ã¿ã«ä¾µå ¥ããä¸æ£ãªæ·»ä»ãã¡ã¤ã«ã®å®è¡ãã¦ã¼ã¶ã«ä¿ãã¾ããããã¦ããã®åé¡ã®æ·»ä»ãã¡ã¤ã«ãããã®ä¿®æ£ãããã°ããã®èå¼±æ§ãå©ç¨ããã®ã§ããCVE-2012-0779 ãå©ç¨ãããã¨ãæ»æè ã«ãã£ã¦ãã®ã³ã³ãã¥ã¼ã¿ãä¹ã£åãããæããããã¾ãã ãTrendLabsï¼ãã¬ã³ãã©ãï¼ãã§ã¯ãå®å¨ããçµç¹ããéãããããã«è£ ã Wordãã¡ã¤ã«
Microsoftã®å ±åæ¸ã«ããã°ã2011å¹´ä¸åæã«çºçããã½ããã¦ã§ã¢ã®èå¼±æ§ãçªãæ»æã®ä¸ã§æãå¤ãã£ãã®ã¯ãJavaãçã£ãæ»æã ã£ãã Oracleã®Javaã®èå¼±æ§ãçªããæ»æã横è¡ããã¢ãããã¼ããé©ç¨ããªãã¾ã¾æ¾ç½®ãããç°å¢ãå±éºã«ããããã¦ããã¨ãã¦ãç±³Microsoftã11æ28æ¥ã®ã»ãã¥ãªãã£ããã°ã§æ³¨æãå¼ã³æããã å社ã10æã«çºè¡¨ããã»ãã¥ãªãã£ã¤ã³ããªã¸ã§ã³ã¹ã¬ãã¼ãï¼SIRï¼ç¬¬11çã«ããã°ã2011å¹´ä¸åæã«çºçããã½ããã¦ã§ã¢ã®èå¼±æ§ãçªãæ»æã®ä¸ã§æãå¤ãã£ãã®ã¯ãOracleã®Java Runtime Environmentï¼JREï¼ãJavaä»®æ³ãã·ã³ï¼JVMï¼ããã³Java SEãçã£ãæ»æã ã£ãã¨ããã 2010å¹´7æãã2011å¹´6æã¾ã§ã®1å¹´éã§è¦ãã¨ãåååæã®éã«çºçããæ»æã®ãã¡ãç´3åã®1ãã2åã®1ãJavaã«å¯¾ããæ»æãå ã
A new exploit that takes advantage of a recently-patched critical security flaw in Java is making the rounds in the criminal underground. The exploit, which appears to work against all but the latest versions of Java, is being slowly folded into automated attack tools. The exploit attacks a vulnerability that exists in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier. If you are using Java
ãã 1,2 ã¶æã¦ã§ããµã¤ãæ¹ããã«ã¦ãExploit ã³ã¼ãã¸èªå°ãã script ã¿ã°ãåãè¾¼ã¾ããå ´åãJava Runtime Environmentï¼JREï¼ã®èå¼±æ§ CVE-2008-5353 ãæªç¨ãããå ´åãå¤ãã§ããã2008å¹´12æ23æ¥ã®æ¥è¨ã§ãã®èå¼±æ§ã調ã¹ã¦ã¿ã¦ãæªç¨ã®ããããå±éºåº¦ã®é«ãèå¼±æ§ã§ãããã¨ã¯åããã¾ããããããã1 å¹´ãçµã£ãä»é ã«ãªã£ã¦æªç¨ããå§ããã®ã¯ãªãï¼ã¨æãã¾ãããã²ãã£ã¨ãã¦ãJRE ã¯ã¢ãããã¼ããã¦ãå¤ããã¼ã¸ã§ã³ãæ®ãã®ã§ãææ°çã® JRE ãã¤ã³ã¹ãã¼ã«ããã¦ãã¦ããå¤ã JRE ãå¼ã³åºãããã®ã§ã¯ãªããã¨èãã¾ãããã¨ãããã¨ã§ãå®éã« CVE-2008-5353 ã® Exploit ã³ã¼ãã使ã£ã¦ãè弱㪠JRE ãæªç¨ãããã確èªãã¦ã¿ã¾ããã çµè« çµè«ã¨ãã¦ãè弱㪠JRE ãæå®ã㦠Exploit ã³ã¼ããå®
ã Trend Micro Portable Securityåã æ¤ç´¢ã¨ã³ã¸ã³9.200å ¬éã®ãç¥ãã (ãã¬ã³ããã¤ã¯ã, 6/30) ã ã¦ã¤ã«ã¹ãã¹ã¿ã¼2011 ããã°ã©ã ã¢ãããã¼ãã«ã¤ã㦠(ãã¬ã³ããã¤ã¯ã, 6/30) ã»Internet Explorer 9 ã¸ã®å¯¾å¿ï¼ãã©ã¦ã¶ã¬ã¼ãæ©è½ã«ããã対å¿ï¼ ã»Firefox 4 ã¸ã®å¯¾å¿ ã»ãµãã¼ããã¼ã«ã§èª¿æ»ç¨ãã°ãåå¾ããå¾ã«ãä¸é¨ã®ãã°ã®è¨å®ãå ã«æ»ããªãç¾è±¡ã®æ¹å Firefox 5 ã¯? ã Apache OpenOffice.org (Incubating)ã ãã¥ã¥ã¹ãã®æ£ä½ã¯ apache.org ã Social Network Attacks Surge (McAfee, 6/30) ã ãããä¸ã§å¥åº·é£åã®èå½ã»èªå¤§è¡¨ç¤ºãæ¶è²»è åºã67äºæ¥è ã«é©æ£åè¦è« (so-net ã»ãã¥ãªãã£éä¿¡, 6/23) ã
Archives 2018 (1) February (1) 2015 (1) March (1) 2014 (6) June (1) March (1) February (2) January (2) 2013 (4) December (1) May (1) January (2) 2012 (4) December (1) November (3) 2011 (2) September (1) April (1) 2010 (1) February (1) 2009 (11) December (1) July (3) May (3) February (1) January (3) 2008 (22) December (9) August (3) July (2) June (1) May (1) February (3) January (3) 2007 (35) Decem
æ å ±æºã¯ãã¡ãã http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5351 http://sunsolve.sun.com/search/document.do?assetkey=1-66-245246-1 http://www.unicode.org/versions/corrigendum1.html åé¡ã¯ãUnicodeã«æºæ ãã¦ããªããã¤ãé åã§ãä¸éå端ã«å¦çãã¦ããã®ãåå ã¿ããã 対象ã¯JRE6 update 10 以åã®ãã¼ã¸ã§ã³ æ¤è¨¼ããã®ã¯ç°ãªããã¤ãé åãUTF-8ãã³ã¼ãããçµæãåãå¤ã¨ãªã£ã¦ãã¾ãã±ã¼ã¹ã SampleãAãæ£å¸¸ã±ã¼ã¹ã§SampleãBã¯ç°å¸¸ã±ã¼ã¹ãªãã ãã©ããçµæãåãã¨ãªã£ãã ã¾ãJREãææ°ã«æ´æ°ããã°åé¡ã¯è§£æ¶ãããã¿ããã public class UTF8 { publ
æ³åçããªã³ã©ã¤ã³ã§ç»è¨æ¸é¡ãåå¾ã§ãããµã¼ãã¹ããã¦ããã®ã ããVista 対å¿ã«è¦ããã§ããæ¨¡æ§ http://shinsei.moj.go.jp/new/new_top.html#vista ï¼è¨³ï¼ãJava6 u7 㧠Vista ã§ãã¾ãåããªãã®ãä½ã¨ããããã¨ãã¦ããã©ããããããã¦ãããã¡ã«èå¼±æ§ãããããã£ã¦ u11 ãåºã¡ãã£ãã®ã§ u11 ã§ããã°ããã¨ãã¦ãã ãã¼ããåããã¼ã¸ã§ã³ã® update ã§åããªããªã£ã¡ããã®ã¯ã¤ãããã¾ããããããªãã®ããªããè¨ã£ã¦ããã°ãã u12 ãåºã¦ãããæ³åçã®äººãã¡ã¯ãã¦ãããä½ã£ã¦ãã人éã¯æ¥ãããããªããã ãããã ããã¦ã½ãããåããã«ã¯ãäºåã« JRE ããã¹ã¦ã¢ã³ã¤ã³ã¹ãã¼ã«ããã㨠Java6 u7 ãã¤ã³ã¹ãã¼ã«ããï¼åæãªãã¼ã¸ã§ã³ãå ¥ããã¨åããªããªããï¼ã¨å¼·æ¬²ãªæ¡å ãã¤ã¾ããæ³åçãªã³ã©ã¤ã³ç³è«ã·ã¹ãã
ç¾å¨ãæ³åçãªã³ã©ã¤ã³ç³è«ã·ã¹ãã ï¼ä»¥ä¸ãå½ã·ã¹ãã ãã¨ãããï¼ã«ããã¦ã¯ãSun Microsystems社ã®ã½ããã¦ã§ã¢ã§ããJava 2 Runtime Environmentãï¼ä»¥ä¸ãJREãã¨ãããï¼SEv1.4.2_18ãå©ç¨ãã¦ããã¨ããã§ãããJRE1.4.2ã¯æ¬å¹´ï¼ï¼æï¼ï¼æ¥ããã£ã¦ããµãã¼ãçµäºã¨ãªããã¨çãããæ¬å¹´ï¼ï¼æï¼ï¼æ¥ï¼æï¼ãå½ã·ã¹ãã ãå©ç¨ããããã«å¿ è¦ãªJREã®ããã°ã©ã ãJRE1.4系統ããJRE6.0系統ã¸ã¨å¤æ´ããããã®ãã¼ã¸ã§ã³ã¢ãããè¡ãã¾ãã ãä¸è¨ã«ä¼´ããæ¬å¹´ï¼ï¼æï¼ï¼æ¥ï¼æï¼ä»¥éã«å½ã·ã¹ãã ãå©ç¨ããå ´åã«ã¯ãJREã®ããã°ã©ã ãæ³åçãªã³ã©ã¤ã³ç³è«ã·ã¹ãã ã®ããã°ã©ã çã«ã¤ãã¦å ¥æ¿ãä½æ¥ãè¡ã£ã¦ããã ãå¿ è¦ãããã¾ãã®ã§ãããããããæ¿ç¥ããé¡ãã¾ãã å ¥æ¿ãä½æ¥ã®è©³ç´°ã«ã¤ãã¦ã¯ãå¼ãç¶ãå½æ¬ã«ã¦ãç¥ãããã¾ãã ãã¾ãããã¼ã¸ã§ã³ã¢
â åçå´åçã®èå¼±æ§æ¾ç½®ã¯ä½ãåé¡ã¨ããã¦ããã®ã ç®æ¬¡ ä»åã®å ±é éå»ã®çµç·¯ ä½ãåé¡ãªã®ã æ¬å½ã«åããªããªãã®ã å é£å®æ¿ã«æå¾ ããã㨠æ°ããªåé¡ï¼Sun Microsystemsã®æè¡ï¼ ä»åã®å ±é å é±ãNHKããåçå´åçã®é»åç³è«ã·ã¹ãã ã®ã»ãã¥ãªãã£ä¸ã®åé¡ç¹ãåãä¸ãã¦ããã NHKãã¥ã¼ã¹ãåå´ç æ¬ é¥ã½ãããæ¾ç½®ã, 2007å¹´7æ5æ¥ ãã¥ã¼ã¹7 åçå´åçã¯ãã¼ã ãã¼ã¸ä¸ã§ç¹å®ã®ã³ã³ãã¥ã¼ã¿ã¼ã½ãããæä¾ãã¦ãã¾ããããã®ã½ããã«ã¯é大ãªæ¬ é¥ããããå©ç¨è ããã½ã³ã³ã®æ å ±ãçã¾ãããããã®ãããã¨ããããã¾ãããï¼ç¥ï¼ åçå´åçã¯ãããããæ å ±ãææ¡ã§ãããï¼ãæ以ä¸ã«ããã£ã¦ãæ¬ é¥ãä¿®æ£ãããææ°ã®ã½ããã«åãæ¿ããããå©ç¨è ã«æ³¨æãå¼ã³ãããããããªã©ã®å¯¾çãã¨ã£ã¦ãã¾ããã§ããã NHKãã¥ã¼ã¹ãåå´ç æ¬ é¥ã½ããæä¾ä¸æ¢ã, 2007å¹´7æ6æ¥ ã
ãªãªã¼ã¹ãé害æ å ±ãªã©ã®ãµã¼ãã¹ã®ãç¥ãã
ææ°ã®äººæ°ã¨ã³ããªã¼ã®é ä¿¡
å¦çãå®è¡ä¸ã§ã
j次ã®ããã¯ãã¼ã¯
kåã®ããã¯ãã¼ã¯
lãã¨ã§èªã
eã³ã¡ã³ãä¸è¦§ãéã
oãã¼ã¸ãéã
{{#tags}}- {{label}}
{{/tags}}