$B%;%-%e%j%F%#%[!<%k(B memo

Last modified: Sun Oct 25 00:30:42 2009 +0900 (JST)


$B!!(BSecurity Watch $B$5$s$,E9$8$^$$$5$l$F$7$^$C$?$N$G!"(B $B8D?M$GDI$$$+$1$F$_$k%F%9%H$G$9!#(B $BHwK:O?$H$7$F=q$$$F$*$/$D$b$j$J$N$G!"(B Security Watch $B$5$s$N$h$&$J>\:Y$J$b$N$G$O$"$j$^$;$s!#(B $B4pK\E*$J%?!<%2%C%H$O(B UNIX$B!"(BWindows$B!"(BMac OS (priority $B=g(B) $B$H$7$^$9!#(B $B$^$?!"$3$N%Z!<%8$NFbMF$O$I$N%Z!<%8$K$bA}$7$FL5J]>Z$G$"$k$3$H$r@k8@$7$F$*$-$^$9!#A4$F$N>pJs$,=8$^$C$F$$$k$o$1$b$"$j$^$;$s!#(B

$B!!$3$3$K:\$;$k>pJs$K$D$$$F$O!"2DG=$J8B$j(B 1 $BpJs8;$X$N%j%s%/$r:n@.$7$F$*$-$^$9!#(B $B3F<+$G(B 1 $BpJs8;$NFbMF$r3NG'$7$F$/$@$5$$!#(B $B$3$N%Z!<%8$NFbMF$r$/$l$0$l$b1-0{$_$K$7$J$$$h$&$K!#(B $B4V0c$$$rH/8+$5$l$?J}!"5-:\$5$l$F$$$J$$>pJs$r$4B8CN$NJ}!"$<$R(B$B$*$7$($F$/$@$5$$(B$B!#$h$m$7$/$*4j$$$$$?$7$^$9!#(B

$B!!$3$N%Z!<%8$N>pJs$rMxMQ$5$l$kA0$K!"(B$BCm0U=q$-(B$B$r$*FI$_$/$@$5$$!#(B


$B!!(B[ $BDjHV>pJs8;(B ] $B!!2a5n$N5-;v(B: 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 | 2002 | 2001 | 2000 | 1999 | 1998


[SCAN Security Wire NP Prize 2001]

$B!V(BScan Security Wire$B!W(B $BSCAN Security Wire NP Prize 2001 $B$r^(B$B$7$^$7$?!#(B

$B!!(B

$B!V%M%C%H%i%s%J!o=,^$r!"%Y%9%H!&%*%V!&>o=,^$r^$7$^$7$?!#(B


www.iraqbodycount.org www.iraqbodycount.org

$BI|4)%j%/%(%9%H
$B%8%'%$%`%:(B.$B#F(B.$B%@%K%,%s!V(B $B?7!&@oAh$N%F%/%N%m%8!<(B$B!W(B($B8=:_(B27$BI<(B)
$BCf;3?.90!V(B$B%=%U%H%&%'%"$NK!E*J]8n(B$B!W(B ($B8=:_(B119$BI<(B) ($B%*%s%G%^%s%I9XF~2D(B)
$B%j%G%k!&%O!<%H!V(B$B@oN,O@!!4V@\E*%"%W%m!<%A(B$B!W(B ($BI|4)7hDj(B)
$BN&0f;0O:Lu!&JT!V(B$B%Y%H%J%`5"4TJ<$N>Z8@(B$B!W(B ($B8=:_(B103$BI<(B)
$BNS9nL@!V(B$B%+%U%+%9$N>.$5$J9q!!%A%'%A%'%sFHN)1?F0;OKv(B$B!W(B ($B8=:_(B166$BI<(B)

RSS $B$KBP1~$7$F$_$^$7$?!#(B $B>.%M%?$O4^$^$l$F$$$^$;$s!#!V@/<#$M$?%&%<%'!W$H$$$&?M$O(B RSS $B%Y!<%9$GFI$`$H9,$;$K$J$l$k$G$7$g$&(B ($B%&%6$/$J$$?M$O(B $B$3$C$A$N(B RSS $B$,$h$$$+$b$7$l$^$;$s(B)$B!#(B RSS 1.0 $B$G$9$N$G!"$"$/$^$G(B RDF Site Summary $B$G$9!#(B $B8=:_$O(B Really Simple Syndication $B$K$OBP1~$7$F$$$^$;$s!#(B
$B:#$9$0(B Really Simple Syndication $B$,$[$7$$?M$O!"$N$$$s$5$s$K$h$k(B Web $B%5%$%H$N(B RSS $B$r>! $B$r;2>H$7$F$/$@$5$$!#(B($B$N$$$s$5$s>pJs$"$j$,$H$&$4$6$$$^$9(B)

$B<BMQ(B SSH $BBh(B2$BHG(B: $B%;%-%e%
2 $B:~$,=P$^$7$?!#(B$B%*%i%$%j!<$GCmJ8$7(B$B!"Hw9MMw$K!VI,$:(B2$B:~$G$"$k$3$H!W$H=q$/$H(B 2 $B:~$r3N

$B"#(B 2009.10.25

$B"#(B $BDI5-(B

$B%5%s%7%c%$%sKR>l(B $B%"%$%F%`2]6b(B

$B!!$D$E$-!#$H$j$"$($:D>$C$?$i$7$$!#(B


$B"#(B 2009.10.24


$B"#(B 2009.10.23

$B"#(B $BDI5-(B

Microsoft Security Essentials Beta

$B!!(BMicrosoft Security Essentials $BF|K\8lHG$r(B8$BG/A0$N%Q%=%3%s$K%$%s%9%H!<%k$7$F$_$?(B ($B%Q%=%3%s%H%i%V%k=PD%=$M}!&%5%]!<%HF|5-(B, 2009.10.13)$B!#0U30$H;H$($A$c$&LOMM!#(B

$B"#(B $B9u$$2hLL$K%^%&%9%+!<%=%k(B (Win32/Daonol)
($BF|K\$N%;%-%e%j%F%#%A!<%`(B, 2009.10.23)

$B!!(BGumblar Reloaded $BJ}LLOC$N$h$&$G!#(B

$B?'!9$HD4$Y$F$_$k$H!"(BWin32/Daonol $B$N(B $B:G6a$N0!C$5$l$^$9!#(B

$B!!BP1~MQ$N%l%8%9%H%j@_Dj$,5-:\$5$l$F$$$k!#(BWindows PE $B$r;H$C$?%l%8%9%H%j=$@5$K$D$$$F$O!"$?$H$($P!"(BWindows PE $B40A43hMQ%,%$%I!N(BTechnique 3$B!O(B $B%*%U%i%$%s$N>uBV$G%l%8%9%H%j$rJT=8$9$k$K$O!)(B (ComputerWorld.jp) $B$r;2>H!#(B

$B!!4XO"(B: Windows$B%m%4$,=P$?8e!"??$C9u$N2hLL$K%^%&%9%+!<%=%k$@$1(B ($B%Q%=%3%s%H%i%V%k=PD%=$M}!&%5%]!<%HF|5-(B, 2009.10.22)$B!#8=>l$N?M$O$?$$$X$s$G$9!#(B

$B"#(B $B$$$m$$$m(B (2009.10.23)
(various)

$B"#(B $B%5%s%7%c%$%sKR>l(B $B%"%$%F%`2]6b(B
($B?eL57n$P$1$i$N$($SF|5-(B, 2009.10.22)

$B!!KR>l

$B$7$+$7!"\$7$/$O=q$1$^$;$s$,!"8=;~E@$G$O!"%5%s%7%c%$%sKR>l$G%+!<%I>pJs$rEPO?$9$k$3$H$OHr$1$k$Y$-$G$9!#$*$=$i$/6a$$$&$A$KF0$-$,$"$k$H;W$$$^$9$N$G!"$b$&>/$7BT$A$^$7$g$&!#(B

$B"(DI5-(B: $B$H$j$"$($:!"%+!<%IHV9f$OO3$l$F$$$J$$$h$&$G$9!#(B

$B!!4XO"(B:

2009.10.25 $BDI5-(B:

$B!!$D$E$-!#$H$j$"$($:D>$C$?$i$7$$!#(B


$B"#(B 2009.10.22

$B"#(B WordPress 2.8.5 $B%j%j!<%9(B
(wordpress.org, 2009.10.21)

$B!!(BWordPress 2.8.5 $BEP>l!#(BWordPress 2.9 $B$N3+H/Cf$K2~A1$5$l$?FbMF$r(B WordPress 2.8 $B$K(B backport $B$7$?$=$&$G!#(B

$B!!(B$B%d%i%l$?;vNc(B$B$b>/$J$/$J$$$h$&$G$9$N$G!"(BWordPress $BMxMQ

$B"#(B Microsoft 2009 $BG/(B 10 $B7n$N%;%-%e%j%F%#>pJs(B
(Microsoft, 2009.10.14)

MS09-050 - $B6[5^(B: SMBv2 $B$N@H

$B!!(BWindows Vista / Server 2008 $B$N(B SMBv2 $B

MS09-051 - $B6[5^(B: Windows Media Runtime $B$N@H

$B!!(BWindows 2000 / XP / Server 2003 / Vista / Server 2008 $B$K7g4Y!#(B Windows Media Runtime $B$K(B 2 $B$D$N7g4Y$,$"$k!#(B

$B!!4XO"(B:

MS09-052 - $B6[5^(B: Windows Media Player $B$N@H

MS09-053 - $B=EMW(B: $B%$%s%?!<%M%C%H(B $B%$%s%U%)%a!<%7%g%s(B $B%5!<%S%9$N(B FTP $B%5!<%S%9$N@H

$B!!(BIIS 5.0 / 5.1 / 6.0 / 7.0 $B$N(B FTP $B%5!<%P$K(B 2 $B$D$N7g4Y!#(B

MS09-054 - $B6[5^(B: Internet Explorer $BMQ$NN_@QE*$J%;%-%e%j%F%#99?7%W%m%0%i%`(B (974455)

$B!!(BIE 5.01 / 6 / 7 / 8 $B$K(B 4 $B$D$N7g4Y!#(B

  • $B%G!<%?(B $B%9%H%j!<%`$N%X%C%@!<$NGKB;$N@HCVE-2009-1547

    $B%G!<%?%9%H%j!<%`%X%C%@$N07$$$K7g4Y$,$"$j!"(B $B96N,%9%H%j!<%`$K$h$C$FG$0U$N%3!<%I$r

  • HTML $B$N%3%s%]!<%M%s%H=hM}$N@HCVE-2009-2529

    $B4XO">pJs(B: .NET Framework Assistant Blocked to Disarm Security Vulnerability$B!#(B Exploitability Index: 1

  • $B=i4|2=$5$l$F$$$J$$%a%b%j$NGKB;$N@HCVE-2009-2530

    $B%*%V%8%'%/%H$N=hM}$K7g4Y$,$"$j!"(B $B96N,(B Web $B%Z!<%8$K$h$C$FG$0U$N%3!<%I$r

  • $B=i4|2=$5$l$F$$$J$$%a%b%j$NGKB;$N@HCVE-2009-2531

    $B%*%V%8%'%/%H$N=hM}$K7g4Y$,$"$j!"(B $B96N,(B Web $B%Z!<%8$K$h$C$FG$0U$N%3!<%I$r

$B!!4XO"(B:

MS09-055 - $B6[5^(B: ActiveX $B$N(B Kill Bit $B$NN_@QE*$J%;%-%e%j%F%#99?7%W%m%0%i%`(B (973525)

$B!!(BMS09-035 - $B7Y9p(B: Visual Studio $B$N(B Active Template Library $B$N@H $B$N$D$E$-!#(BCVE-2009-2493

ATL $B$r;HMQ$7$F:n@.$7$?%3%s%]!<%M%s%H$*$h$S%3%s%H%m!<%k$K$D$$$F!"(BOleLoadFromStream $B$r0BA4$K;HMQ$7$J$$$3$H$G!"(BInternet Explorer $B$GG$0U$N%*%V%8%'%/%H$,%$%s%9%?%s%92=$5$l!"4XO"$N%;%-%e%j%F%#%]%j%7!<$,L5;k$5$l$k2DG=@-$,$"$j$^$9!#(B

$B6qBNE*$K$O!"

  • Windows Live Mail $B%3%s%]!<%M%s%H(B (msmail.dll, mailcommm.dll)

  • Office Web $B%3%s%]!<%M%s%H!"(BOutlook View $B%3%s%H%m!<%k!"(BVisio Viewer $B$*$h$S(B MSN Photo Upload Tool (msowc.dll, owc10.dll, owc11.dll, outlctl.dll, vviewer.dll, msnpupld.dll)

  • Office Excel Add-in for SQL Analysis Services (ReportBuilderAddin.dll)

MS09-056 - $B=EMW(B: Windows CryptoAPI $B$N@H

MS09-057 - $B=EMW(B: $B%$%s%G%C%/%9(B $B%5!<%S%9$N@H

MS09-058 - $B=EMW(B: Windows $B%+!<%M%k$N@H:3J$5$l$k(B (971486)

$B!!(BWindows 2000 / XP / Server 2003 / Vista / Server 2008 $B$N(B kernel $B$K(B 3 $B$D$N7g4Y!#(B

  • Windows $B%+!<%M%k$N@0?t$N%"%s%@!<%U%m!<$N@HCVE-2009-2515

    Exploitability Index: 2

  • Windows $B%+!<%M%k$N(B NULL $B%]%$%s%?!<5U;2>H$N@HCVE-2009-2516

    Exploitability Index: 3

  • Windows $B%+!<%M%k$NNc30%O%s%I%i!<$N@HCVE-2009-2517

    Exploitability Index: 3

$B!!M}O@E*$K$OG$0U$N%3!<%I$N

MS09-059 - $B=EMW(B: Local Security Authority Subsystem Service (LSASS) $B$N@H

MS09-060 - $B6[5^(B: Microsoft Office $BMQ$N(B Microsoft ATL (Active Template Library) $B$N(B ActiveX $B%3%s%H%m!<%k$N@H

$B!!(BOffice XP / 2003 / 2007, Visio Viewer 2002 / 2003 / 2007 $B$K7g4Y!#(B MS09-034 - $B6[5^(B: Internet Explorer $BMQ$NN_@QE*$J%;%-%e%j%F%#99?7%W%m%0%i%`(B (972260) $B$N$D$E$-$,(B 3 $BE@!#(B

  • ATL $B$NL$=i4|2=%*%V%8%'%/%H$N@HCVE-2009-0901

    Exploitability Index: N/A

  • ATL COM $B$N=i4|2=$N@HCVE-2009-2493

    Exploitability Index: N/A

  • ATL $B$N(B Null $BJ8;zNs$N@HCVE-2009-2495

    Exploitability Index: 3

$B!!$J$*!"(BOutlook $BMQ$N=$@5%W%m%0%i%`$rE,MQ$9$k$H!"(BOutlook View Control with Forms 2.0 $BMxMQ;~$KIT6q9g$,H/@8$9$kLOMM$G!"$=$N$?$a$N=$@5%W%m%0%i%`$,JLESDs6!$5$l$F$$$k!#(B

MS09-061 - $B6[5^(B: Microsoft .NET $B6&DL8@8l%i%s%?%$%`$N@H

$B!!(B.NET Framework 1.0 / 1.1 / 2.0 $B$*$h$S(B Silverlight 2 $B$K(B 3 $B$D$N7g4Y!#(B

MS09-062 - $B6[5^(B: GDI+ $B$N@H

$B!!(BWindows XP / Server 2003 / Vista / Server 2008, IE 6, .NET Framework 1.1 / 2.0 $B$K(B 3 $B$D$N7g4Y!#(B

  • GDI+ WMF $B$N@0?t%*!<%P!<%U%m!<$N@HCVE-2009-2500

    Exploitability Index: 2

  • GDI+ PNG $B$N%R!<%W(B $B%*!<%P!<%U%m!<$N@HCVE-2009-2501

    Exploitability Index: 2

  • GDI+ TIFF $B$N%P%C%U%!!<(B $B%*!<%P!<%U%m!<$N@HCVE-2009-2502

    Exploitability Index: 2

  • GDI+ TIFF $B$N%a%b%j$NGKB;$N@HCVE-2009-2503

    Exploitability Index: 1

  • GDI+ .NET API $B$N@HCVE-2009-2504

    Exploitability Index: 2

  • Office BMP $B$N@0?t%*!<%P!<%U%m!<$N@HCVE-2009-2518

    Exploitability Index: 2

  • $B%a%b%j$NGK(BB;$N@HCVE-2009-2528

    Exploitability Index: 1

  • GDI+ PNG $B$N@0?t%*!<%P!<%U%m!<$N@HCVE-2009-3126

    Exploitability Index: 2

$B!!4XO"(B:


$B"#(B 2009.10.21

$B"#(B $B$$$m$$$m(B (2009.10.21)
(various)

$B"#(B Oracle Critical Patch Update Advisory - October 2009
(Oracle, 2009.10.20)

$B!!=P$^$7$?!#

$B"#(B $BDI5-(B

APSB09-15: Security Advisory for Adobe Reader and Acrobat

$B!!(BSmashing Adobe's Heap Memory Management Systems for Profit. (fortiguard, 2009.10.16)$B!#(BCVE-2009-3459 $B$N2r@O!#(B

SSL$B%H%i%U%#%C%/$rK5

$B!!4XO"(B:

.NET Framework Assistant Blocked to Disarm Security Vulnerability

$B!!4XO"(B:


$B"#(B 2009.10.20


$B"#(B 2009.10.19

$B"#(B .NET Framework Assistant Blocked to Disarm Security Vulnerability
(Mozilla Security Blog, 2009.10.16)

$B!!(BMS09-054 $B$G=$@5$5$l$F$$$k(B 4 $B$D$N7g4Y$N$&$A!"!V(BHTML $B$N%3%s%]!<%M%s%H=hM}$N@HCVE-2009-2529$B!W$O(B Windows Presentation Foundation $B%W%i%0%$%s$rDL$8$F(B Firefox $B$K$b1F6A$9$k(B$B$?$a!"(BFirefox $BB&$G(B .NET Framework Assistant $B$H(B Windows Presentation Foundation $B$rL58z2=$9$k(B (blacklist $B$KEPO?$9$k(B) $B=hCV$r

$B!!$3$l$G$9$M(B:

$B!!$G$b!"",$N(B [$B>\:Y(B] $B$r%/%j%C%/$9$k$H!"$3$s$J$3$H"-$K$J$C$F$7$^$&$N$O$A$g$C$H$J$"(B:

$B!!$"$H!"(B$B855-;v(B $B$KDI5-$5$l$?$H$3$m$K$h$k$H!"(B

Update (Sunday Oct 18, 6:30pm PDT): Microsoft has now confirmed that the Framework Assistant add-on is not a vector for this attack, and we have removed the entry from the blocklist. We are also working on a mechanism to allow Firefox users to re-enable the WPF plugin ahead of its eventual removal from the blocklist. For more information, see Mike Shaver’s latest blog post.

.NET Framework Assistant $B$O!"

$B!!4XO"(B: Mozilla$B!"%P%0$N$"$kJF(BMicrosoft$B$N!V(BFirefox$B!W%W%i%0%$%s$rL58z2=(B (sourceforge.jp, 2009.10.19)

2009.10.21 $BDI5-(B:

$B!!4XO"(B:

$B"#(B $B$$$m$$$m(B (2009.10.19)
(various)

$B"#(B $BDI5-(B

Microsoft Security Essentials Beta

$B!!4XO"(B:


$B"#(B 2009.10.16


$B"#(B 2009.10.15


$B"#(B 2009.10.14

$B"#(B $BDI5-(B

APSB09-15: Security Advisory for Adobe Reader and Acrobat

$B!!(BAdobe Reader / Acrobat 9.2 / 8.1.7 / 7.1.4 for Windows / Mac / Unix $B$G=$@5$5$l$^$7$?!#(B

$B!!4XO"(B: $B%"%I%S@=IJ$K?7$?$J@H ($B%H%l%s%I%^%$%/%m(B $B%;%-%e%j%F%#(B blog, 2009.10.13)


$B"#(B 2009.10.13

$B"#(B Snow Leopard$B$K?<9o$J%P%0!"%f!<%6!<$N8D?M%G!<%?$,<:$o$l$k$*$=$l!!%2%9%H!&%"%+%&%s%HMxMQ;~$KLdBjH/@8(B
(ComputerWorld.jp, 2009.10.13)

$B!!(BMac OS X 10.6 Snow Leopard $B$K$O%V!<%S!

$BLdBj$NFbMF$O!"%f!<%6!<$,%2%9%H!&%"%+%&%s%H$G%m%0%$%s$7$?$"$H$K%m%0%"%&%H$7!"DL>o;H$C$F$$$k%f!<%6!<$N%"%+%&%s%H$G%m%0%$%s$9$k$H!"(BSnow Leopard$B$N%[!<%`!&%G%#%l%/%H%j!J(BMac$B$NA0$,IU$1$i$l$F$$$k!K$,>e=q$-$5$l!"Cf?H$,$9$Y$F>C$($F$7$^$&$H$$$&$b$N!#%[!<%`!&%G%#%l%/%H%jFb$N%U%)%k%@!J(BDocuments$B!"(BDownloads$B!"(BMusic$B!"(BPicture$B$J$I!K$O$9$Y$F6u$K$J$j!"(BDesktop$B$H(BDock$B$O9)>l=P2Y;~$N>uBV$KLa$k!#(B

$B!!$J$s$8$c$=$j$c!A!A!#(B

$B"#(B $BDI5-(B

htmlspecialchars$B$K4X$9$k;DG0$J$*CN$i$;(B

$B!!(Bhtmlspecialchars$B$K4X$9$kAGE($J$*CN$i$;(B ($B4dK\N4;K$NF|5-D"(B, 2009.10.09)$B!#$h$+$C$?$h$+$C$?!#(B


$B"#(B 2009.10.12


$B"#(B 2009.10.11

$B"#(B $BDI5-(B

APSB09-15: Security Advisory for Adobe Reader and Acrobat

$B!!(BNew Adobe Zero-Day Exploit (trendmicro blog, 2009.10.09)


$B"#(B 2009.10.09

$B"#(B APSB09-15: Security Advisory for Adobe Reader and Acrobat
(Adobe, 2009.10.08)

$B!!(BAdobe Reader / Acrobat 9.1.3 / 8.1.6 / 7.1.3 for Windows / Mac / Unix ($B$D$^$j8=9T%P!<%8%g%sA4It(B) $B$K(B 0-day $B7g4Y$"$j!"(B9.1.3 for Windows $B$r96N,$9$k%^%k%&%'%"$,4{$KEP>l$7$F$$$kLOMM!#(B CVE-2009-3459

$B!!(BAdobe Reader / Acrobat 9.1.3 for Windows $B$r96N,$9$k%^%k%&%'%"$K$D$$$F$O!"(B

$B$H$$$&>u67$@$=$&$G!#(B

$B!!(B2009.10.13 (US $B;~4V$H;W$o$l!"(BWindows Update $B$NF|$HF10l(B) $B$K99?7HG$,MQ0U$5$l$kM=Dj!#$3$l$,(B second quarterly security update $B$H$J$k!#(B

2009.10.11 $BDI5-(B:

$B!!(BNew Adobe Zero-Day Exploit (trendmicro blog, 2009.10.09)

2009.10.14 $BDI5-(B:

$B!!(BAdobe Reader / Acrobat 9.2 / 8.1.7 / 7.1.4 for Windows / Mac / Unix $B$G=$@5$5$l$^$7$?!#(B

$B!!4XO"(B: $B%"%I%S@=IJ$K?7$?$J@H ($B%H%l%s%I%^%$%/%m(B $B%;%-%e%j%F%#(B blog, 2009.10.13)

2009.10.21 $BDI5-(B:

$B!!(BSmashing Adobe's Heap Memory Management Systems for Profit. (fortiguard, 2009.10.16)$B!#(BCVE-2009-3459 $B$N2r@O!#(B

$B"#(B $BDI5-(B

Microsoft Security Essentials Beta

$B!!4XO"(B:

$B!!(B$B%7%9%F%`MW7o(B$B$bL5;v2~D{$5$l$?$h$&$G!#$"$H!":#5$$,$D$$$?$N$G$9$,!"(B

Microsoft Security Essentials $B$O!"(BWindows 7 $B$N(B Windows XP $B%b!<%I$K$bBP1~$7$F$$$^$9!#>\:Y$K$D$$$F$O!"(BWindows 7 $B$N(B Windows XP $B%b!<%I$r;HMQ$9$k$?$a$N(B $B%7%9%F%`MW7o(B $B$r;2>H$7$F$/$@$5$$!#(B

$B!!(BXP $B%b!<%IMQ$K(B MSE $B$r;H(B&!"$H$$$&$N$,$"$k$N$G$9$M!#

$B"#(B $B$$$m$$$m(B (2009.10.09)
(various)

$B"#(B $B%^%$%/%m%=%U%H(B $B%;%-%e%j%F%#>pJs$N;vA0DLCN(B - 2009 $BG/(B 10 $B7n(B
(Microsoft, 2009.10.09)

$B!!6[5^(B x 8$B!"=EMW(B x 5 $B$C$F!D!D!#BP>]$b(B Windows, IE, Office, Silverlight (!), SQL Server, $B3+H/%D!<%k(B, Forefront $B$HB?J}LL$K$o$?$C$F$k!#(B

$B!!$"$H!"(BOctober 2009 Bulletin Release Advance Notification (MSRC blog, 2009.10.08) $B$K$h$k$H!"(B

Among the updates this month, we are closing out two current security advisories:

         Vulnerabilities in SMB Could Allow Remote Code Execution (975497)

         Vulnerabilities in the FTP Service in Internet Information Services (975191)


$B"#(B 2009.10.08

$B"#(B Changes with Apache 2.2.14
(apache.org, 2009.10.05)

$B!!(BApache 2.2.14 $BEP>l!#(B3 $B7o$N%;%-%e%j%F%#=$@5$,4^$^$l$F$$$k!#(B

$B!!(BApache httpd 2.2 vulnerabilities $B$b;2>H!#(B

$B"#(B $BDI5-(B

wnpa-sec-2009-06: Multiple vulnerabilities in Wireshark version 0.99.6 to 1.2.1

$B!!>e5-(B CVE $B$NB>$K!"(BJVNVU#676492: Wireshark $B$N(B erf $B%U%!%$%k=hM}$K@H (JVN, 2009.10.07) $B$H$$$&OC$,$"$C$?LOMM!#(BWireshark 1.2.2 $B%j%j!<%9%N!<%H(B$B$K$O$3$&$"$k(B:

The following bugs have been fixed:
($BCfN,(B)
Wireshark could crash while reading an ERF file. (Bug 3849)

$B"#(B 2009.10.07

$B"#(B $B$$$m$$$m(B (2009.10.07)
(various)

$B"#(B $BDI5-(B

Re: [Full-disclosure] FreeBSD <= 6.1 kqueue() NULL pointer dereference

Microsoft Security Essentials Beta

$B!!(BMicrosoft Security Essentials FAQ$BIw$^$H$a(B ($BF|K\$N%;%-%e%j%F%#%A!<%`(B, 2009.10.07)

Q Microsoft Security Essentials$B$O!"(BWindows XP $B$G$J$<(B1GB$B$b$N%a%b%j$rI,MW$H$9$k$N$G$9$+!)(B
A Microsoft Security Essentials$B$r(BWindows XP$B$GI,MW$J%a%b%j$O!"(B256MB$B$H$J$j$^$9!#6aF|Cf$K(B1GB$B$H5-:\$5$l$F$$$k%5%$%H$r99?7M=Dj$G$9!#(B

$B!!$J$!$s$@!D!D!#(B

$B"#(B htmlspecialchars$B$K4X$9$k;DG0$J$*CN$i$;(B
($B4dK\N4;K$NF|5-D"(B, 2009.10.06)

$B!!;DG0$G$9!#(B

2009.10.13 $BDI5-(B:

$B!!(Bhtmlspecialchars$B$K4X$9$kAGE($J$*CN$i$;(B ($B4dK\N4;K$NF|5-D"(B, 2009.10.09)$B!#$h$+$C$?$h$+$C$?!#(B


$B"#(B 2009.10.06

$B"#(B $BDI5-(B

Google Chrome Stable Channel Update: 3.0.195.24

$B!!(BGoogle Chrome$B$,%"%C%W%G!<%H!)(B ($B%(%U%;%-%e%"%V%m%0(B, 2009.10.01)$B!#(B Google Chrome $B$r(B 3.0.195.24 $B$K99?7$7$F$b!"5l%P!<%8%g%s(B 3.0.195.21 $B$N%U%!%$%k$O>C$5$l$J$$$^$^;D$C$F$$$k$H$$$&OC!#


$B"#(B 2009.10.05

$B"#(B Samba 3.4.2 / 3.3.8 / 3.2.15 / 3.0.37 $BEP>l(B
(Samba.org, 2009.10.01)

$B!!(BSamba 3.4.2 / 3.3.8 / 3.2.15 / 3.0.37 $BEP>l!#(B3 $B$D$N7g4Y$,=$@5$5$l$F$$$k!#(B

$B!!4XO"(B: Samba3 Release Planning (samba.org)$B!#(B3.0 $B7ONs$O$b$O$d%a%s%F%J%s%9$5$l$F$$$J$$$O$:$@$C$?$N$G$9$M!#(B


$B"#(B 2009.10.04


$B"#(B 2009.10.02

$B"#(B $BDI5-(B

Microsoft Security Essentials Beta

$B!!4XO"(B:

$B"#(B $B$$$m$$$m(B (2009.10.02)
(various)

$B"#(B $B!V$O$F$J%V%C%/%^!<%/(B $B%b%P%$%kHG!W$N@H
($B$O$F$J(B, 2009.10.01)

$B!!!V$O$F$J%V%C%/%^!<%/(B $B%b%P%$%kHG!W$K7g4Y!#(B/entrymobile $B%Z!<%8$K$*$1$k(B DoCoMo $BCpJs$,%-%c%C%7%e$5$l$F$$$?!#7k2L$H$7$F%;%C%7%g%s%O%$%8%c%C%/$,2DG=$G!"(B $B%V%C%/%^!<%/%3%a%s%H$,2~$6$s$5$l$k

$B!!K\7g4Y$O4{$K=$@5$5$l$F$$$k!#$"$H!"(B

$BK\7o$O!"IT@5%"%/%;%96X;_K!0cH?Ey$K3:Ev$7$^$9$?$a!"=j3m$N7Y;!=p$J$i$S$K(BIPA$B$KFO=P$r$$$?$7$^$9!#(B

$B$@$=$&$G!#(B


$B"#(B 2009.10.01

$B"#(B Google Chrome Stable Channel Update: 3.0.195.24
(Google Chrome Releases, 2009.09.30)

$B!!G$0U$N%3!<%I$N7$/7g4Y(B CVE-2009-0689 $B$r=$@5!"$@$=$&$G$9!#(B

2009.10.06 $BDI5-(B:

$B!!(BGoogle Chrome$B$,%"%C%W%G!<%H!)(B ($B%(%U%;%-%e%"%V%m%0(B, 2009.10.01)$B!#(B Google Chrome $B$r(B 3.0.195.24 $B$K99?7$7$F$b!"5l%P!<%8%g%s(B 3.0.195.21 $B$N%U%!%$%k$O>C$5$l$J$$$^$^;D$C$F$$$k$H$$$&OC!#


$B2a5n$N5-;v(B: 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 | 2002 | 2001 | 2000 | 1999 | 1998


[$B%;%-%e%j%F%#%[!<%k(B memo]