$B%;%-%e%j%F%#%[!<%k(B memo

Last modified: Fri Sep 18 19:08:50 2009 +0900 (JST)

$B!!(BSecurity Watch $B$5$s$,E9$8$^$$$5$l$F$7$^$C$?$N$G!"(B $B8D?M$GDI$$$+$1$F$_$k%F%9%H$G$9!#(B $BHwK:O?$H$7$F=q$$$F$*$/$D$b$j$J$N$G!"(B Security Watch $B$5$s$N$h$&$J>\:Y$J$b$N$G$O$"$j$^$;$s!#(B $B4pK\E*$J%?!<%2%C%H$O(B UNIX$B!"(BWindows$B!"(BMac OS (priority $B=g(B) $B$H$7$^$9!#(B $B$^$?!"$3$N%Z!<%8$NFbMF$O$I$N%Z!<%8$K$bA}$7$FL5J]>Z$G$"$k$3$H$r@k8@$7$F$*$-$^$9!#A4$F$N>pJs$,=8$^$C$F$$$k$o$1$b$"$j$^$;$s!#(B

$B!!$3$3$K:\$;$k>pJs$K$D$$$F$O!"2DG=$J8B$j(B 1 $BpJs8;$X$N%j%s%/$r:n@.$7$F$*$-$^$9!#(B $B3F<+$G(B 1 $BpJs8;$NFbMF$r3NG'$7$F$/$@$5$$!#(B $B$3$N%Z!<%8$NFbMF$r$/$l$0$l$b1-0{$_$K$7$J$$$h$&$K!#(B $B4V0c$$$rH/8+$5$l$?J}!"5-:\$5$l$F$$$J$$>pJs$r$4B8CN$NJ}!"$<$R(B$B$*$7$($F$/$@$5$$(B$B!#$h$m$7$/$*4j$$$$$?$7$^$9!#(B

$B!!$3$N%Z!<%8$N>pJs$rMxMQ$5$l$kA0$K!"(B$BCm0U=q$-(B$B$r$*FI$_$/$@$5$$!#(B

$B!!(B[ $BDjHV>pJs8;(B ] $B!!2a5n$N5-;v(B: 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 | 2002 | 2001 | 2000 | 1999 | 1998

[SCAN Security Wire NP Prize 2001]

$B!V(BScan Security Wire$B!W(B $BSCAN Security Wire NP Prize 2001 $B$r^(B$B$7$^$7$?!#(B

$B!!(B

$B!V%M%C%H%i%s%J!o=,^$r!"%Y%9%H!&%*%V!&>o=,^$r^$7$^$7$?!#(B

www.iraqbodycount.org www.iraqbodycount.org

$BI|4)%j%/%(%9%H
$B%8%'%$%`%:(B.$B#F(B.$B%@%K%,%s!V(B $B?7!&@oAh$N%F%/%N%m%8!<(B$B!W(B($B8=:_(B27$BI<(B)
$BCf;3?.90!V(B$B%=%U%H%&%'%"$NK!E*J]8n(B$B!W(B ($B8=:_(B119$BI<(B) ($B%*%s%G%^%s%I9XF~2D(B)
$B%j%G%k!&%O!<%H!V(B$B@oN,O@!!4V@\E*%"%W%m!<%A(B$B!W(B ($BI|4)7hDj(B)
$BN&0f;0O:Lu!&JT!V(B$B%Y%H%J%`5"4TJ<$N>Z8@(B$B!W(B ($B8=:_(B103$BI<(B)
$BNS9nL@!V(B$B%+%U%+%9$N>.$5$J9q!!%A%'%A%'%sFHN)1?F0;OKv(B$B!W(B ($B8=:_(B166$BI<(B)

RSS $B$KBP1~$7$F$_$^$7$?!#(B $B>.%M%?$O4^$^$l$F$$$^$;$s!#!V@/<#$M$?%&%<%'!W$H$$$&?M$O(B RSS $B%Y!<%9$GFI$`$H9,$;$K$J$l$k$G$7$g$&(B ($B%&%6$/$J$$?M$O(B $B$3$C$A$N(B RSS $B$,$h$$$+$b$7$l$^$;$s(B)$B!#(B RSS 1.0 $B$G$9$N$G!"$"$/$^$G(B RDF Site Summary $B$G$9!#(B $B8=:_$O(B Really Simple Syndication $B$K$OBP1~$7$F$$$^$;$s!#(B
$B:#$9$0(B Really Simple Syndication $B$,$[$7$$?M$O!"$N$$$s$5$s$K$h$k(B Web $B%5%$%H$N(B RSS $B$r>! $B$r;2>H$7$F$/$@$5$$!#(B($B$N$$$s$5$s>pJs$"$j$,$H$&$4$6$$$^$9(B)

$B<BMQ(B SSH $BBh(B2$BHG(B: $B%;%-%e%
2 $B:~$,=P$^$7$?!#(B$B%*%i%$%j!<$GCmJ8$7(B$B!"Hw9MMw$K!VI,$:(B2$B:~$G$"$k$3$H!W$H=q$/$H(B 2 $B:~$r3N

$B"#(B 2009.09.18

$B"#(B $BDI5-(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (975497) SMB $B$N@H

$B!!(B$B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B 975497 $B$,2~D{$5$l$?!#(B

$B"#(B 2009.09.17

$B"#(B $BDI5-(B

Helping users keep plugins updated

$B!!7k2LH/I=(B: Helping People Upgrade Flash (Blog of Metrics, 2009.09.16)

So, what has transpired since last Wednesday?

In one week, 10,000,000 people have clicked on the $B!H(Bflash update$B!I(B link below.

$B!!(B1,000 $BK|!D!D!#$J$+$J$+$$$$?t;z$G$9$M!#(BMicrosoft $B$b$<$RDI?o$7$F$/$@$5$$!#(B ($B$=$N>l9g!"$b$&(B 1 $B7e>e$r9T$/$G$7$g$&$M!D!D(B)

$B"#(B 2009.09.16

$B"#(B Microsoft Update$B$,CY$/$J$k%H%i%V%k$,H/@8!!(B MS$B$,G'<1$7$J$$$^$^!V<+A3I|5l!W(B
($BF|7P(B IT Pro, 2009.09.14)

$B!!$D$^$jLdBj$O!$(BMicrosoft Update$B%5%$%H!$$^$?$O(BMicrosoft Update$B%5%$%H$r<}MF$9$k(BCDN$B$K$"$k2DG=@-$,9b$$!#(B ($BCfN,(B) $B%U%l%C%DLV7PM3$G%"%/%;%9$9$k(BMicrosoft Update/Windows Update$B$,CY$$$H$$$&LdBj$O!$%^%$%/%m%=%U%H$,G'<1$7$J$$$^$^H/@8$7!$%^%$%/%m%=%U%H$,G'<1$7$J$$$^$^<}B+$7$?!#%f!<%6!<$H$7$F$O2?$H$bIT0B$,;D$k7kKv$@!#(B

$B!!(BMicrosoft $B$,0-$$$N$+!"(BCDN $B$,0-$$$N$+!"$I$C$A$J$s$@$m$&!D!D!#(B

$B"#(B $B$$$m$$$m(B (2009.09.16)
(various)

$B"#(B Google Chrome Releases: Stable Channel Update
(Google Chrome Releases, 2009.09.15)

$B!!(BGoogle Chrome 3.0.195.21 $B$,%j%j!<%9$5$l!"(B2.x $B7ONs$KBe$o$C$F(B stable $B2=$5$l$?!#(B 2 $B7o$N%;%-%e%j%F%#7g4Y$,=$@5$5$l$F$$$k!#(B

$B"#(B Re: [Full-disclosure] FreeBSD <= 6.1 kqueue() NULL pointer dereference
(bugtraq, 2009.09.13)

$B!!(BFreeBSD <= 6.1 kqueue() NULL pointer Dereference Local Root Exploit $B$N7o!"$j@Z$C$F$$$J$$$H$$$&;XE&!#(B FreeBSD 6.4-RELEASE $B$G$N2hA|$@$H$$$&%G%b2hLL$,>R2p$5$l$F$$$k!#(B $BK\Ev$J$N$+$J$"!#(B

$B!!$D!<$+!"(BFreeBSD 7.2 local root vulnerability (0day) $B$H$$$&$N$b=P$F$k$s$G$9$,!"$3$l$O2?!D!D!#(B

$B"#(B War FTP Daemon Remote Denial Of Service Vulnerability
(bugtraq, 2009.09.13)

$B!!(BWar FTP Daemon 1.82 RC 13 $BEP>l(B ($B%@%&%s%m!<%I(B)$B!#(B WarFTPd 1.82.00-RC12 (LIST command) Format String DoS Exploit (milw0rm) $B$N7o$,=$@5$5$l$F$$$k$H;W$o$l!#(B

$B"#(B 2009.09.15

$B"#(B [Securitry Advisory] Multiple Smartphones MMS Notification Sender Obfuscation
(silentservices.de, 2009.09.11)

$B!!(BBlackberry 8800 (Firmware: 4.5.0.37)$B!"(B Windows Mobile 5 / 6.0 / 6.1 / 6.5$B!"(B Sony Ericsson W890i / W810i $B$K$*$$$F!"(BMMS $B$NH/?.$BAw?. ($B%(%U%;%-%e%"%V%m%0(B, 2009.09.14)

$B"#(B Restricted users may have unauthorized access to Office 2008 for Mac program files
(Microsoft, 2008.01.08)

$B!!$3$s$JOC$,$"$C$?$N$G$9$M!#(B CVE-2008-7217 $B$,(B 2009.09.13 $B$K(B assign $B$5$l$F!"$O$8$a$F5$$,$D$$$?!#(B

$B"#(B 2009.09.14

$B"#(B 2009.09.13

$B"#(B 2009.09.12

$B"#(B $BDI5-(B

Firefox 3.5.3 / 3.0.14 $B%j%j!<%9(B

$B!!=$@50lMw(B:

MFSA 2009-51
FeedWriter $B$K$h$k%/%m!<%`FC8">:3J(B
MFSA 2009-50
$B2aBg$J9T9b$N(B Unicode $BJ8;z$rDL$8$?%m%1!<%7%g%s%P!<$N56Au(B
MFSA 2009-49
$B%D%j!
MFSA 2009-48
PKCS11 $B%b%8%e!<%k$N%$%s%9%H!<%k$H:o=|$K4X$9$kIT==J,$J7Y9p(B
MFSA 2009-47
$B%a%b%jGK2u$N7A@W$,$"$k%/%i%C%7%e(B (rv:1.9.1.3/1.9.0.14)

$B!!(BMFSA 2009-48 $B$O(B Firefox 3.0.x $B$N$_!"B>$O(B Firefox 3.0.x / 3.5.x $B6&DL!#(B $B4XO"(B:

$B$$$m$$$m(B (2009.09.08)

$B!!(BRoboHelp $B$N7oB3Js(B: Update on RoboHelp Server 8 Issue (Adobe PSIRT blog, 2009.09.09)$B!#(B2009.09.18 $B$K(B fix $B$,=P$kM=Dj$N$h$&$G$9!#(B

$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (975497) SMB $B$N@H

$B!!(B Windows$B$N(BSMB$B$N(BDoS$B967b$N@HZ%l%]!<%H(B (NTT $B%G!<%?!&%;%-%e%j%F%#(B, 2009.09.10)

[Full-disclosure] Linux NULL pointer dereference due to incorrect proto_ops initializations

$B!!4XO"(B:

$B"#(B $B$$$m$$$m(B (2009.09.12)
(various)

$B"#(B 2009.09.11

$B"#(B About Security Update 2009-005
(Apple, 2009.09.09)

$B!!(BMac OS X 10.4.11 / 10.5.8 $BMQ$N%;%-%e%j%F%#99?7!#Nc$K$h$C$FB??t$N=$@5!#(B

$B"#(B $BDI5-(B

Flash Player update and Snow Leopard

$B!!(BMac OS X 10.6.1 $B$GBP1~$5$l$?(B: About the security content of the Mac OS X v10.6.1 Update (Apple, 2009.09.11)

Helping users keep plugins updated

$B!!(BFirefox $B$N5lHG(B Flash Player $B%W%i%0%$%s7Y9p$N7o!"5sF0$r3NG'$7$F$_$?!#(B

  • Firefox 3.5.3 $B$K(B Flash Player 10.0.22.87 $B$r%$%s%9%H!<%k$7$F$_$?$,!"2?$NH?1~$bF@$i$l$J$$!#(BFirefox $B$r:F5/F0$7$F$bF1MM!#(B

  • Firefox 3.5.2 $B$K(B Flash Player 10.0.22.87 $B$r%$%s%9%H!<%k$7!"(B Firefox 3.5.3 $B$K%"%C%W%G!<%H$9$k$H!"%"%C%W%G!<%H8e(B Firefox $B$r:F5/F0$7$?;~E@$G!"(BFlash Player $B$N99?7$rB%$5$l$?!#(B

$B!!4XO"(B: $B!V5!G=$rDI2C!W$H$$$&$N$O@53N$G$O$J$$(B (slashdot.jp, 2009.09.11)

Microsoft 2009 $BG/(B 9 $B7n$N%;%-%e%j%F%#>pJs(B

$B!!(BMS09-048 $B$,2~D{$5$l$?!#(B

2009/9/10: $B!V1F6A$r]HO0O$K$D$$$F$N@bL@$rDI2C$7$^$7$?!#$3$N%;%-%e%j%F%#>pJs$GDs6!$7$F$$$k%;%-%e%j%F%#99?7%W%m%0%i%`$KJQ99$O$"$j$^$;$s!#(B

$B!!2?$,JQ$o$C$?$s$@$m$&!D!D!#2~D{A0$N(B FAQ $B$O$3$&(B:

Windows XP $B$N4{Dj$N9=@.$,$3$N@H
$B4{Dj$G!"(BWindows XP Service Pack 2$B!"(BWindows XP Service Pack 3 $B$*$h$S(B Windows XP Professional x64 Edition Service Pack 2 $B$K$O%/%i%$%"%s%H(B $B%U%!%$%"%&%)!<%k$G9=@.$5$l$?%j%9%K%s%0%5!<%S%9$,4^$^$l$F$$$J$$$?$a!"$3$N@Hl9g!"1F6A$re$N6aNY$N%M%C%H%o!<%/%G%P%$%9$+$i$N\:Y!W$N%;%/%7%g%s$N4KOB:v$*$h$S2sHr:v$O!"(B Windows XP Service Pack 2$B!"(BWindows XP Service Pack 3 $B$*$h$S(B Windows XP Professional x64 Edition Service Pack 2 $B$K$bE,MQ$7$^$9!#(B

$B!!2~D{8e$O$3$&(B:

$B1F6A$r
$B4{Dj$G!"(BWindows XP Service Pack 2$B!"(BWindows XP Service Pack 3 $B$*$h$S(B Windows XP Professional x64 Edition Service Pack 2 $B$K$O%/%i%$%"%s%H(B $B%U%!%$%"%&%)!<%k$G9=@.$5$l$?%j%9%K%s%0(B $B%5!<%S%9$,4^$^$l$F$$$J$$$?$a!"$3$N@H2A$7$F$$$^$9!#$5$i$K!"(BWindows XP Service Pack 2 $B$*$h$S$=$l0J9_$N%*%Z%l!<%F%#%s%0(B $B%7%9%F%`$K$O!"%9%F!<%H%U%k(B $B%[%9%H(B $B%U%!%$%"%&%)!<%k$,4^$^$l$F$*$j!"%$%s%?!<%M%C%H$^$?$O%W%i%$%Y!<%H(B $B%M%C%H%o!<%/>e$N6aNY$N%M%C%H%o!<%/(B $B%G%P%$%9$+$i$N

$B!!@bL@$K$J$C$F$J$$!"$H$$$&0UL#$G$O2?$N0c$$$b$J$$!#(B

$B"#(B 2009.09.10

$B"#(B Microsoft 2009 $BG/(B 9 $B7n$N%;%-%e%j%F%#>pJs(B
(Microsoft, 2009.09.09)

MS09-045 - $B6[5^(B: JScript $B%9%/%j%W%H(B $B%(%s%8%s$N@H

$B!!(BWindows 2000 / XP / Server 2003 / Vista / Server 2008 $B>e$GF0:n$9$k(B JScript 5.1 / 5.6 / 5.7 / 5.8 $B$K7g4Y!#96N,(B Web $B%Z!<%8Ey$K;E9~$^$l$?%9%/%j%W%H$K$h$C$FG$0U$N%3!<%I$rCVE-2009-1920$B!#(B Exploitability Index: 1$B!#(B Windows 7 / Server 2008 R2 $B$K$O$3$N7g4Y$O$J$$!#(B

$B!!(Bpatch $B$,$"$k$N$GE,MQ$9$l$P$h$$!#$?$@$7!"K\(B patch $B$N%$%s%9%H!<%k8e$K(B IE 7 $B$d(B IE 8 $B$r%$%s%9%H!<%k$7!"$=$l$iMQ$N(B JScript patch $B$rDI2C%$%s%9%H!<%k$9$k$H!"(B $BDI2C%$%s%9%H!<%k$7$?J,$N(B patch $B$r%"%s%$%s%9%H!<%k$G$-$J$/$J$C$F$7$^$&$3$H$,$"$k$N$GCm0U!#$D!<$+!"$3$l$O%O%^$k$C$F!D!D!#(BKB971961 $B;2>H!#(B

$B!!$3$N>u67$rHr$1$k$K$O(B:

  • patch $B%$%s%9%H!<%kA0$K(B IE 7 $B$d(B IE 8 $B$r%$%s%9%H!<%k$9$k$+!"$"$k$$$O(B

  • $B0lC6$3$N(B patch $B$r%"%s%$%s%9%H!<%k$7$?8e$G!"(BIE 7 $B$d(B IE 8 $B$r%$%s%9%H!<%k$9$k(B

$B!!$C$F<+J,$G=q$$$F$F%"%l$@$1$I!"(B1 $B=54V$b$9$l$PK:$l$A$c$&$h$3$s$J$N!D!D!#(B

MS09-046 - $B6[5^(B: DHTML $BJT=8%3%s%]!<%M%s%H$N(B Active X $B%3%s%H%m!<%k$N@H

$B!!(BWindows 2000 / XP / Server 2003 $B$K7g4Y!#(B DHTML $BJT=8%3%s%]!<%M%s%H$N(B ActiveX $B%3%s%H%m!<%k$K7g4Y$,$"$j!"(B $B96N,(B web $B%Z!<%8$K$h$C$FG$0U$N%3!<%I$rCVE-2009-2519$B!#(BExploitability Index: 2

$B!!(Bpatch $B$,$"$k$N$GE,MQ$9$l$P$h$$!#(B

MS09-047 - $B6[5^(B: Windows Media Format $B$N@H

$B!!(BWindows Media Format Runtime 9.0 / 9.5 / 11$B!"(B Microsoft Media Foundation$B!"(BWindows Media $B%5!<%S%9(B 9.1 / 2008 $B$K7g4Y!#(B ASF (Advanced Systems Format) $B%U%!%$%k$*$h$S(B MP3 (MPEG-1 Audio Layer 3) $B%U%!%$%k$N=hM}$K7g4Y$,$"$j!"96N,%U%!%$%k$K$h$C$FG$0U$N%3!<%I$rCVE-2009-2498 CVE-2009-2499$B!#(BExploitability Index: $B$I$A$i$b(B 1

$B!!(Bpatch $B$,$"$k$N$GE,MQ$9$l$P$h$$!#(B

MS09-048 - $B6[5^(B: Windows TCP/IP $B$N@H

$B!!(BWindows 2000 / XP / Server 2003 / Vista / Server 2008 $B$N(B TCP $B

$B!!(BWindows 7 / Server 2008 R2 $B$K$O$3$l$i$N7g4Y$O$J$$!#$^$?(B Windows XP SP2 / SP3 $B$N=P2Y;~@_Dj$K$*$$$F$O!"$3$N7g4Y$OH/8=$7$J$$!#(B

$B!!(Bpatch $B$O!"(BWindows Server 2003 / Vista / Server 2008 $BMQ$N$_$,MQ0U$5$l$F$$$k!#(BWindows 2000 / XP $BMQ$OB8:_$7$J$$!#(BWindows 2000 $BMQ$N(B patch $B$,MQ0U$5$l$J$$M}M3$O@bL@$5$l$F$$$k$,!"(BWindows XP $BMQ$N(B patch $B$,MQ0U$5$l$J$$M}M3$O@bL@$5$l$F$$$J$$!#(B

$B!!4XO"(B:

MS09-049 - $B6[5^(B: $B%o%$%d%l%9(B LAN $B<+F09=@.%5!<%S%9$N@H

$B!!(BWindows Vista / Server 2008 $B$K7g4Y!#(B $B%o%$%d%l%9(B LAN AutoConfig $B%5!<%S%9(B (wlansvc) $B$K7g4Y$,$"$j!"(B $B96N,%Q%1%C%H$K$h$C$F(B heap overflow $B$,H/@8!"G$0U$N%3!<%I$rCVE-2009-1132

$B!!(Bpatch $B$,$"$k$N$GE,MQ$9$l$P$h$$!#(B

2009.09.11 $BDI5-(B:

$B!!(BMS09-048 $B$,2~D{$5$l$?!#(B

2009/9/10: $B!V1F6A$r]HO0O$K$D$$$F$N@bL@$rDI2C$7$^$7$?!#$3$N%;%-%e%j%F%#>pJs$GDs6!$7$F$$$k%;%-%e%j%F%#99?7%W%m%0%i%`$KJQ99$O$"$j$^$;$s!#(B

$B!!2?$,JQ$o$C$?$s$@$m$&!D!D!#2~D{A0$N(B FAQ $B$O$3$&(B:

Windows XP $B$N4{Dj$N9=@.$,$3$N@H
$B4{Dj$G!"(BWindows XP Service Pack 2$B!"(BWindows XP Service Pack 3 $B$*$h$S(B Windows XP Professional x64 Edition Service Pack 2 $B$K$O%/%i%$%"%s%H(B $B%U%!%$%"%&%)!<%k$G9=@.$5$l$?%j%9%K%s%0%5!<%S%9$,4^$^$l$F$$$J$$$?$a!"$3$N@Hl9g!"1F6A$re$N6aNY$N%M%C%H%o!<%/%G%P%$%9$+$i$N\:Y!W$N%;%/%7%g%s$N4KOB:v$*$h$S2sHr:v$O!"(B Windows XP Service Pack 2$B!"(BWindows XP Service Pack 3 $B$*$h$S(B Windows XP Professional x64 Edition Service Pack 2 $B$K$bE,MQ$7$^$9!#(B

$B!!2~D{8e$O$3$&(B:

$B1F6A$r
$B4{Dj$G!"(BWindows XP Service Pack 2$B!"(BWindows XP Service Pack 3 $B$*$h$S(B Windows XP Professional x64 Edition Service Pack 2 $B$K$O%/%i%$%"%s%H(B $B%U%!%$%"%&%)!<%k$G9=@.$5$l$?%j%9%K%s%0(B $B%5!<%S%9$,4^$^$l$F$$$J$$$?$a!"$3$N@H2A$7$F$$$^$9!#$5$i$K!"(BWindows XP Service Pack 2 $B$*$h$S$=$l0J9_$N%*%Z%l!<%F%#%s%0(B $B%7%9%F%`$K$O!"%9%F!<%H%U%k(B $B%[%9%H(B $B%U%!%$%"%&%)!<%k$,4^$^$l$F$*$j!"%$%s%?!<%M%C%H$^$?$O%W%i%$%Y!<%H(B $B%M%C%H%o!<%/>e$N6aNY$N%M%C%H%o!<%/(B $B%G%P%$%9$+$i$N

$B!!@bL@$K$J$C$F$J$$!"$H$$$&0UL#$G$O2?$N0c$$$b$J$$!#(B

$B"#(B $B$$$m$$$m(B (2009.09.10)
(various)

$B"#(B $BDI5-(B

Jack C. Louis and Robert E. Lee to talk about New DoS Attack Vectors

$B!!B3Js!#(B

$B"#(B Firefox 3.5.3 / 3.0.14 $B%j%j!<%9(B
(mozilla.org, 2009.09.10)

$B!!(BFirefox 3.5.3 / 3.0.14 $B$,%j%j!<%9$5$l$?!#(BFirefox 3.5.3 $B$G$O(B 4 $B7o!"(B Firefox 3.0.14 $B$G$O(B 5 $B7o$N7g4Y$,=$@5$5$l$F$$$k!#(B

$B!!(BHelping users keep plugins updated $B$N7o$bBP1~$5$l$F$$$k!#(B

2009.09.12 $BDI5-(B:

$B!!=$@50lMw(B:

MFSA 2009-51
FeedWriter $B$K$h$k%/%m!<%`FC8">:3J(B
MFSA 2009-50
$B2aBg$J9T9b$N(B Unicode $BJ8;z$rDL$8$?%m%1!<%7%g%s%P!<$N56Au(B
MFSA 2009-49
$B%D%j!
MFSA 2009-48
PKCS11 $B%b%8%e!<%k$N%$%s%9%H!<%k$H:o=|$K4X$9$kIT==J,$J7Y9p(B
MFSA 2009-47
$B%a%b%jGK2u$N7A@W$,$"$k%/%i%C%7%e(B (rv:1.9.1.3/1.9.0.14)

$B!!(BMFSA 2009-48 $B$O(B Firefox 3.0.x $B$N$_!"B>$O(B Firefox 3.0.x / 3.5.x $B6&DL!#(B $B4XO"(B:

$B"#(B About the security content of iPhone OS 3.1 and iPhone OS 3.1.1 for iPod touch
(Apple, 2009.09.10)

$B!!(BiPhone OS 3.1 $B$*$h$S(B iPhone OS 3.1.1 for iPod touch $BEP>l!#(B $BG$0U$N%3!<%I$N7$/$b$N$r4^$`!"J#?t$N7g4Y$,=$@5$5$l$F$$$k!#(B

$B!!$7$+$7!"(BiPod touch $B$N?M$O!"$^$?$b$d6b$rJ'$o$J$$$H$$$1$J$$$N$@$m$&$+!D!D$H;W$C$?$N$@$,!"$3$&$$$&>u67$i$7$$(B ($B;2>H(B: Apple$B!"?7$7$$(BiPod touch$B$N%i%$%s%"%C%W$rH/I=(B (Apple, 2009.09.10)$B!#(B

  • iPhone OS 3.0 $B$r9XF~:Q$_$N>l9g$O(B 3.1.1 $B$XL5=~%"%C%W%G!<%H$G$-$k!#(B

  • iPhone OS 2.x $B0JA0$N>l9g$O!"(B600 $B1_$GM-=~%"%C%W%0%l!<%I(B

$B"#(B QuickTime 7.6.4 $B$N%;%-%e%j%F%#%3%s%F%s%D$K$D$$$F(B
(Apple, 2009.09.10)

$B!!(BQuickTime 7.6.4 $BEP>l!#(B4 $B$D$N7g4Y$,=$@5$5$l$F$$$k!#(B $B$$$:$l$b!"(BMac $BHG!&(BWindows $BHG$NN>J}$K6&DL$9$k7g4Y!#(B

  • $B96N,(B H.264 $B%`!<%S!<$K$h$C$FG$0U$N%3!<%I$,CVE-2009-2202

  • $B96N,(B MPEG-4 $B%S%G%*%U%!%$%k$K$h$C$FG$0U$N%3!<%I$,CVE-2009-2203

  • $B96N,(B FlashPix $B%U%!%$%k$K$h$C$FG$0U$N%3!<%I$,CVE-2009-2798

  • $B96N,(B H.264 $B%`!<%S!<$K$h$C$FG$0U$N%3!<%I$,CVE-2009-2799

$B"#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (975497) SMB $B$N@H
(Microsoft, 2009.09.09)

$B!!$3$N7o(B: Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D. (milw0rm)$B!#(B $B96N,(B SMB2 $B%Q%1%C%H$K$h$C$FG$0U$N%3!<%I$rCVE-2009-3103

$B!!7g4Y$,$"$k$N$O(B Windows Vista / Server 2008 / 7 RC$B!#(B Windows Server 2008 R2 $B$*$h$S(B Windows 7 gold $B$K$O$3$N7g4Y$O$J$$!#(B SMB2 $B$rL58z$K$9$l$P2sHr$G$-$k!#(B

2009.09.12 $BDI5-(B:

$B!!(B Windows$B$N(BSMB$B$N(BDoS$B967b$N@HZ%l%]!<%H(B (NTT $B%G!<%?!&%;%-%e%j%F%#(B, 2009.09.10)

2009.09.18 $BDI5-(B:

$B!!(B$B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B 975497 $B$,2~D{$5$l$?!#(B

$B"#(B 2009.09.09

$B"#(B $BDI5-(B

Jack C. Louis and Robert E. Lee to talk about New DoS Attack Vectors

$B!!(BSockstress $B$N7o!"$h$&$d$/3F

$B"#(B 2009.09.08

$B"#(B $B$$$m$$$m(B (2009.09.08)
(various)

2009.09.12 $BDI5-(B:

$B!!(BRoboHelp $B$N7oB3Js(B: Update on RoboHelp Server 8 Issue (Adobe PSIRT blog, 2009.09.09)$B!#(B2009.09.18 $B$K(B fix $B$,=P$kM=Dj$N$h$&$G$9!#(B

$B"#(B $BDI5-(B

$B$$$m$$$m(B (2009.08.15)

$B!!(BWordPress$B$N5lHG$rA@$&%o!<%`=P8=!":G?7HG$K99?7$r(B (ITmedia, 2009.09.08)$B!#(BCVE-2009-2762 $B$rA@$&%o!<%`$,=P$F$-$?$=$&$G!#(B

Opera 10 for Windows $B99?7MzNr(B

SSL$B%H%i%U%#%C%/$rK5

$B!!(BQt patches released fixing potential security flaw - Patches for Qt versions 4.3.0 and newer available for download. (nokia, 2009.09.01)$B!#(BQt 4.3.0 $BMQ$H(B Qt 4.4.x / 4.5.x $BMQ$N(B patch $B$,MQ0U$5$l$F$$$k!#(B CVE-2009-2700

$B"#(B 2009.09.07

$B"#(B Java for Mac OS X 10.5 Update 5 $B$N%;%-%e%j%F%#%3%s%F%s%D$K$D$$$F(B
(apple, 2009.09.03)

$B!!(BMac OS X 10.5 $BMQ$N(B Java SE 1.6.0_15 / 1.5.0_20 / 1.4.2_22$B!"$*$h$S(B Java Web Start $B$N=$@5!#(B

$B"#(B 2009.09.05

$B"#(B Helping users keep plugins updated
(Mozilla Security Blog, 2009.09.04)

$B!!(BFirefox 3.5.3 / 3.0.14 $B0J9_$G$O!"(BFirefox $B$,!"I,MW$K1~$8$F(B Flash Player $B$N99?7$rB%$9I=<($r9T$&$h$&$K$J$kLOMM!#$9$P$i$7$$!#(B

2009.09.11 $BDI5-(B:

$B!!(BFirefox $B$N5lHG(B Flash Player $B%W%i%0%$%s7Y9p$N7o!"5sF0$r3NG'$7$F$_$?!#(B

  • Firefox 3.5.3 $B$K(B Flash Player 10.0.22.87 $B$r%$%s%9%H!<%k$7$F$_$?$,!"2?$NH?1~$bF@$i$l$J$$!#(BFirefox $B$r:F5/F0$7$F$bF1MM!#(B

  • Firefox 3.5.2 $B$K(B Flash Player 10.0.22.87 $B$r%$%s%9%H!<%k$7!"(B Firefox 3.5.3 $B$K%"%C%W%G!<%H$9$k$H!"%"%C%W%G!<%H8e(B Firefox $B$r:F5/F0$7$?;~E@$G!"(BFlash Player $B$N99?7$rB%$5$l$?!#(B

$B!!4XO"(B: $B!V5!G=$rDI2C!W$H$$$&$N$O@53N$G$O$J$$(B (slashdot.jp, 2009.09.11)

2009.09.17 $BDI5-(B:

$B!!7k2LH/I=(B: Helping People Upgrade Flash (Blog of Metrics, 2009.09.16)

So, what has transpired since last Wednesday?

In one week, 10,000,000 people have clicked on the $B!H(Bflash update$B!I(B link below.

$B!!(B1,000 $BK|!D!D!#$J$+$J$+$$$$?t;z$G$9$M!#(BMicrosoft $B$b$<$RDI?o$7$F$/$@$5$$!#(B($B$=$N>l9g!"$b$&(B 1 $B7e>e$r9T$/$G$7$g$&$M!D!D(B)

$B"#(B 2009.09.04

$B"#(B Opera 10 for Windows $B99?7MzNr(B
(Opera.com, 2009.09.01)

$B!!(BOpera 10 $B$K$OJ#?t$N%;%-%e%j%F%#=$@5$,4^$^$l$F$$$^$9!#(B

Opera 9.64 $B$+$i$NJQ99FbMF(B
($BCfN,(B)
$B%;%-%e%j%F%#(B
  • $B%5%$%H$,L58z$K$J$C$?Cf4V>ZL@=q$r;HMQ$7$F$$$k>l9g$K0BA4$HI=<($5$l$k>l9g$,$"$C$?LdBj!#(B; $B4+9p$r$4Mw$/$@$5$$(B$B!#(B
  • $B%"%I%l%9%P!<$,Jx$l$F%I%a%$%sL>$r@53N$KI=<(=PMh$J$+$C$?LdBj!#(B; $B4+9p$r$4Mw$/$@$5$$(B$B!#(B
  • IDNA ($B9q:]2=%I%a%$%sL>(B) $BJ8;z$,%"%I%l%9%P!<$K@53N$KI=<($5$l$J$$$3$H$,$"$C$?LdBj!#(B; $B4+9p$r$4Mw$/$@$5$$(B$B!#(B
  • SSL/TLS $BL>A08!:w$G(B *.com $B$,%o%$%k%I%+!<%I$7$^$C$?LdBj!#(B; $B4+9p$r$4Mw$/$@$5$$(B$B!#(B
  • Root $B$+$iD>@\H/9T$5$l$?(B EV $B>ZL@=q$NG'<1LdBj!#(B
  • $B>ZL@=q$N%$%s%]!<%H$K4X$9$kLdBj!#(B

$B!!$3$N=q$+$lJ}$+$i$9$k$H!"(BOpera 9.65 $B$O=P$J$$$C$]$$$+!#(B

2009.09.08 $BDI5-(B:

$B"#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#>pJs$N;vA0DLCN(B - 2009 $BG/(B 9 $B7n(B
(Microsoft, 2009.09.04)

$B!!$b$&$=$s$J5(@a$G$9!#6[5^(B x 5$B!#$^$$$C$?$M!#(B

$B"#(B $BDI5-(B

Microsoft IIS 5/6 FTP 0Day released

$B!!$d$C$Q$jG'>ZDL$i$J$$$H$@$a$G$7$?!#$9$$$^$;$s!#$3$,$5$s!":4L>LZ$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#4XO"(B: MS-IIS FTP Service 5/6 $B$N(B NLST $B%3%^%s%I$N@H (ntt.com, 2009.09.03)

$B!!(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (975191) $B%$%s%?!<%M%C%H(B $B%$%s%U%)%a!<%7%g%s(B $B%5!<%S%9$N(B FTP $B%5!<%S%9$N@H (Microsoft, 2009.09.02) $B$,2~D{$5$l!"(BCVE-2009-2521 $B$,DI2C$5$l$^$7$?!#(BIIS 5.0 / 5.1 / 6.0 / 7.0 $BIUB0$N(B FTP $B%5!<%S%9$K(B DoS $B967b$r

$B"#(B Flash Player update and Snow Leopard
(Adobe PSIRT blog, 2009.09.02)

$B!!(BMac OS X 10.6 Snow Leopard $B$K$O8E$$%P!<%8%g%s$N(B Flash Player $B$,F1:-$5$l$F$$$k$N$G!":G?7$N(B 10.0.32.18 $B$K99?7$7$F$/$@$5$$$M!"$H$$$&0FFb!#(B

$B!!4XO"(B: Apple ships a known vulnerable version of Flash with Snow Leopard (Sophos blog, 2009.09.02)

2009.09.12 $BDI5-(B:

$B!!(BMac OS X 10.6.1 $B$GBP1~$5$l$?(B: About the security content of the Mac OS X v10.6.1 Update (Apple, 2009.09.11)

$B"#(B 2009.09.03

$B"#(B [JS09003] ATOK$B$N@H
($B%8%c%9%H%7%9%F%`(B, 2009.09.02)

$B!!(BATOK for Windows $B$K8"8B>e>:$r5v$97g4Y$,$"$j!"(Blocal user $B$,(B local SYSTEM $B8"8B$rC%

$B!!(BATOK 2006 $B!A(B 2009 for Windows$B!"(BATOK $B%9%^%$%k!"(BATOK $BDj3[@)%5!<%S%9(B (Windows) $B$K$D$$$F$O%"%C%W%G!<%H%b%8%e!<%k$,8x3+$5$l$F$$$k!#(B

$B"#(B 2009.09.02

$B"#(B $BDI5-(B

$B$$$m$$$m(B (2009.07.30)

$B!!(B Squid Proxy Cache Security Update Advisory SQUID-2009:2 $B$G$9$,!"(B2009.08.04 $BIU$G=P$7D>$7$5$l$F$^$9$M!#(BSquid 3.0.STABLE17 / 3.1.0.12 $B$O

Microsoft IIS 5/6 FTP 0Day released

$B!!G'>Z$rFMGK$9$kI,MW$O!"Microsoft IIS 5.0 FTP Server Remote Stack Overflow Exploit (win2k sp4) (milw0rm, 2009.09.01)$B!#$0$O$!(B ($BEG7l(B)$B!#(B

$B!!%"%I%P%$%6%j=P$^$7$?(B: $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (975191) $B%$%s%?!<%M%C%H(B $B%$%s%U%)%a!<%7%g%s(B $B%5!<%S%9$N(B FTP $B%5!<%S%9$N@H (Microsoft, 2009.09.02)$B!#2sHr:v$H$7$F$O!"(BFTP $B%f!<%6$K$h$k%G%#%l%/%H%j:n@.$N6X;_!&=q$-9~$_$N6X;_$H(B FTP $B%5!<%S%9$NL58z2=$,5s$2$i$l$F$$$^$9!#(B

$B"#(B 2009.09.01

$B"#(B OpenOffice.org 3.1 $B0JA0$KJ#?t$N7g4Y(B
(secunia, 2009.09.01)

$B!!$3$l(B:

$B!!(BOpenOffice.org 3.1.1 $B$G=$@5$5$l$F$$$k!#(B

$B!!$H$3$m$,!"8=:_G[I[$5$l$F$$$k(B OpenOffice.org 3.1.1 $B$N(B Windows $BHG%P%$%J%j$K$O!"7g4Y$N$"$k(B MSVC++ $B%i%s%?%$%`(B (ATL $BJ}LL(B) $B$,F1:-$5$l$F$$$k$=$&$G(B:

$B"#(B $BDI5-(B

$B%Y%/%?!<$*$h$SAk$NEN$GG[I[$5$l$F$$$?%=%U%H%&%'%"$N0lIt$,(B Induc $B$K46@w$7$F$$$?$3$H$,H=L@(B

$B!!F|K\$N;(;o$K$b(B: DTM$B%^%,%8%s(B9$B7n9fIUO?(BDVD$B$N<}O?%U%j!<%=%U%H$,!V(BInduc$B!W46@w(B (Internet Watch, 2009.08.28)

$B"#(B Microsoft IIS 5/6 FTP 0Day released
(SANS ISC, 2009.08.31)

$B!!$3$l(B: Microsoft IIS 5.0/6.0 FTP Server Remote Stack Overflow Exploit (win2k) (milw0rm, 2009.08.31)$B!#(B $B$3$N7g4Y$rMxMQ$9$k$K$OG'>Z$rFMGK$9$kI,MW$,$"$k$,!"(Banonymous FTP $B$7$F$?$j$9$k$H%d%P$$!#(B CVE-2009-3023

$B!!4XO"(B: JVNVU#276653: Microsoft Internet Information Services FTP $B%5!<%P$K$*$1$k%P%C%U%!%*!<%P!<%U%m!<$N@H (JVN, 2009.09.01)

2009.09.02 $BDI5-(B:

$B!!(B$BG'>Z$rFMGK$9$kI,MW$O!" Microsoft IIS 5.0 FTP Server Remote Stack Overflow Exploit (win2k sp4) (milw0rm, 2009.09.01)$B!#$0$O$!(B ($BEG7l(B)$B!#(B

$B!!%"%I%P%$%6%j=P$^$7$?(B: $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (975191) $B%$%s%?!<%M%C%H(B $B%$%s%U%)%a!<%7%g%s(B $B%5!<%S%9$N(B FTP $B%5!<%S%9$N@H (Microsoft, 2009.09.02)$B!#2sHr:v$H$7$F$O!"(BFTP $B%f!<%6$K$h$k%G%#%l%/%H%j:n@.$N6X;_!&=q$-9~$_$N6X;_$H(B FTP $B%5!<%S%9$NL58z2=$,5s$2$i$l$F$$$^$9!#(BCVE-2009-3023

2009.09.04 $BDI5-(B:

$B!!$d$C$Q$jG'>ZDL$i$J$$$H$@$a$G$7$?!#$9$$$^$;$s!#$3$,$5$s!":4L>LZ$5$s>pJs$"$j$,$H$&$4$6$$$^$9!#4XO"(B: MS-IIS FTP Service 5/6 $B$N(B NLST $B%3%^%s%I$N@H (ntt.com, 2009.09.03)

$B!!(B$B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#(B $B%"%I%P%$%6%j(B (975191) $B%$%s%?!<%M%C%H(B $B%$%s%U%)%a!<%7%g%s(B $B%5!<%S%9$N(B FTP $B%5!<%S%9$N@H (Microsoft, 2009.09.02) $B$,2~D{$5$l!"(BCVE-2009-2521 $B$,DI2C$5$l$^$7$?!#(BIIS 5.0 / 5.1 / 6.0 / 7.0 $BIUB0$N(B FTP $B%5!<%S%9$K(B DoS $B967b$r

2009.09.12 $BDI5-(B:

$B!!(Bhttp://www.milw0rm.com/exploits/9587

$B2a5n$N5-;v(B: 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 | 2002 | 2001 | 2000 | 1999 | 1998

[$B%;%-%e%j%F%#%[!<%k(B memo]
[$B;d$K$D$$$F(B]