ä»æã®ãããã§å¯ŸåŠãããŠããåé¡ã®äžéšã«ã€ããŠã詳ããæ
å ±ã以äžã«ç€ºããŸãã
-
Microsoft Internet Explorer ããã³ Edge çšã®çŽ¯ç©çãªã»ãã¥ãªãã£æŽæ°ããã°ã©ã
Internet Explorer ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0226ïŒMS ã®æ·±å»åºŠ: éèŠ
Internet Explorer ã®ã¡ã¢ãªå
ã®ãªããžã§ã¯ããžã®ã¢ã¯ã»ã¹ãäžé©åãªå Žåã«ããªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®è匱æ§ã«ãã£ãŠã¡ã¢ãªãç Žæããæ»æè
ãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããWeb ããŒã¹ã®æ»æãä»æãããšãæ»æè
㯠Internet Explorer ãä»ããŠããã®è匱æ§ã®æªçšãç®çãšããŠç¹å¥ã«çŽ°å·¥ãã Web ãµã€ãããã¹ããããŠãŒã¶ãŒãèªå°ããŠãã® Web ãµã€ãã衚瀺ãããå¯èœæ§ããããŸãã
Internet Explorer ã®ã»ãã¥ãªãã£æ©èœã®ãã€ãã¹ã®è匱æ§ïŒCVE-2017-0064ïŒMS ã®æ·±å»åºŠ: éèŠ
Internet Explorer ãã€ã³ã¿ãŒããããŸãŒã³ããã®ãã¡ã€ã«ãåŠçãããšãã«ãã»ãã¥ãªãã£æ©èœã®ãã€ãã¹ã®è匱æ§ãååšããŸããWeb ããŒã¹ã®æ»æã®ã·ããªãªã§ã¯ãæ»æè
ããã®ã»ãã¥ãªãã£æ©èœã®ãã€ãã¹ãæªçšããŠãæªè³ªãª Web ãµã€ãããã¹ãããå¯èœæ§ããããŸãããŸããé»åã¡ãŒã«ãã€ã³ã¹ã¿ã³ãã¡ãã»ãŒãžã«ããæ»æã·ããªãªã§ã¯ããã®ãã€ãã¹ãæªçšããããã«ç¹å¥ã«çŽ°å·¥ããã .url ãã¡ã€ã«ãæšçã®ãŠãŒã¶ãŒã«éä¿¡ããããšãèããããŸãã
Internet Explorer ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0222ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Internet Explorer ã®ã¡ã¢ãªå
ã®ãªããžã§ã¯ããžã®ã¢ã¯ã»ã¹ãäžé©åãªå Žåã«ããªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®è匱æ§ã«ãã£ãŠã¡ã¢ãªãç Žæããæ»æè
ãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãçŸåšã®ãŠãŒã¶ãŒãšåããŠãŒã¶ãŒæš©éãååŸããå¯èœæ§ããããŸããçŸåšã®ãŠãŒã¶ãŒã管çè
ãŠãŒã¶ãŒæš©éã§ãã°ãªã³ããŠããå Žåã¯ã圱é¿ãåããã·ã¹ãã ãæ»æè
ãå¶åŸ¡ããå¯èœæ§ããããŸããæ»æè
ã¯ãã®åŸãããã°ã©ã ã®ã€ã³ã¹ããŒã«ããããŒã¿ã®è¡šç€ºãå€æŽãåé€ããããã¯å®å
šãªãŠãŒã¶ãŒæš©éãæã€æ°ããã¢ã«ãŠã³ãã®äœæãå¯èœã«ãªãå ŽåããããŸããæ»æè
㯠Internet Explorer ãä»ããŠããã®è匱æ§ã®æªçšãç®çãšããŠç¹å¥ã«çŽ°å·¥ãã Web ãµã€ãããã¹ããããŠãŒã¶ãŒãèªå°ããŠãã® Web ãµã€ãã衚瀺ãããå¯èœæ§ããããŸãã
Microsoft Edge ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0221ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Microsoft Edge ãã¡ã¢ãªå
ã®ãªããžã§ã¯ãã«é©åã«ã¢ã¯ã»ã¹ããªãå Žåã«è匱æ§ãååšããŸãããã®è匱æ§ã«ãã£ãŠã¡ã¢ãªãç Žæããæ»æè
ãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸãããã®è匱æ§ãæªçšãšãæ»æè
㯠Microsoft Edge ãä»ããŠãç¹å¥ã«çŽ°å·¥ããã Web ãµã€ãããã¹ããããŠãŒã¶ãŒãèªå°ããŠãã® Web ãµã€ãã衚瀺ãããå¯èœæ§ããããŸãã
Microsoft Edge ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0240ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Microsoft Edge ã§ã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçãããšãã«ã¹ã¯ãªãããšã³ãžã³ãã¬ã³ããªã³ã°ããæ¹æ³ã«ããªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®è匱æ§ã«ãã£ãŠã¡ã¢ãªãç Žæããæ»æè
ãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãçŸåšã®ãŠãŒã¶ãŒãšåããŠãŒã¶ãŒæš©éãååŸããå¯èœæ§ããããŸããçŸåšã®ãŠãŒã¶ãŒã管çè
ãŠãŒã¶ãŒæš©éã§ãã°ãªã³ããŠããå Žåã¯ããã®è匱æ§ã®æªçšã«æåããæ»æè
ãã圱é¿ãåããã·ã¹ãã ãå¶åŸ¡ããå¯èœæ§ããããŸãã
ã¹ã¯ãªãããšã³ãžã³ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0224ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Microsoft ã®ãã©ãŠã¶ã§ã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçãããšãã« Chakra JavaScript ãšã³ãžã³ãã¬ã³ããªã³ã°ããæ¹æ³ã«ããªã¢ãŒãã§ã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®è匱æ§ã«ãã£ãŠã¡ã¢ãªãç Žæããæ»æè
ãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãçŸåšã®ãŠãŒã¶ãŒãšåããŠãŒã¶ãŒæš©éãååŸããå¯èœæ§ããããŸããçŸåšã®ãŠãŒã¶ãŒã管çè
ãŠãŒã¶ãŒæš©éã§ãã°ãªã³ããŠããå Žåã¯ããã®è匱æ§ã®æªçšã«æåããæ»æè
ãã圱é¿ãåããã·ã¹ãã ãå¶åŸ¡ããå¯èœæ§ããããŸããæ»æè
ã¯ãã®åŸãããã°ã©ã ã®ã€ã³ã¹ããŒã«ããããŒã¿ã®è¡šç€ºãå€æŽãåé€ããããã¯å®å
šãªãŠãŒã¶ãŒæš©éãæã€æ°ããã¢ã«ãŠã³ãã®äœæãå¯èœã«ãªãå ŽåããããŸããWeb ããŒã¹ã®æ»æã®ã·ããªãªã§ã¯ãæ»æè
ã Microsoft ã®ãã©ãŠã¶ãä»ããŠããã®è匱æ§ã®æªçšãç®çãšããŠç¹å¥ã«çŽ°å·¥ãã Web ãµã€ãããã¹ããããŠãŒã¶ãŒãèªå°ããŠãã® Web ãµã€ãã衚瀺ãããå¯èœæ§ããããŸãã
ã¹ã¯ãªãããšã³ãžã³ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0229ïŒMS ã®æ·±å»åºŠ: èŠå
Microsoft ã®ãã©ãŠã¶ã§ã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçãããšãã« Chakra JavaScript ãšã³ãžã³ãã¬ã³ããªã³ã°ããæ¹æ³ã«ããªã¢ãŒãã§ã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®è匱æ§ã«ãã£ãŠã¡ã¢ãªãç Žæããæ»æè
ãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãçŸåšã®ãŠãŒã¶ãŒãšåããŠãŒã¶ãŒæš©éãååŸããå¯èœæ§ããããŸããçŸåšã®ãŠãŒã¶ãŒã管çè
ãŠãŒã¶ãŒæš©éã§ãã°ãªã³ããŠããå Žåã¯ããã®è匱æ§ã®æªçšã«æåããæ»æè
ãã圱é¿ãåããã·ã¹ãã ãå¶åŸ¡ããå¯èœæ§ããããŸãã
ã¹ã¯ãªãããšã³ãžã³ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0230ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft ã®ãã©ãŠã¶ã§ã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçãããšãã« Chakra JavaScript ãšã³ãžã³ãã¬ã³ããªã³ã°ããæ¹æ³ã«ããªã¢ãŒãã§ã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®è匱æ§ã«ãã£ãŠã¡ã¢ãªãç Žæããæ»æè
ãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãçŸåšã®ãŠãŒã¶ãŒãšåããŠãŒã¶ãŒæš©éãååŸããå¯èœæ§ããããŸããçŸåšã®ãŠãŒã¶ãŒã管çè
ãŠãŒã¶ãŒæš©éã§ãã°ãªã³ããŠããå Žåã¯ããã®è匱æ§ã®æªçšã«æåããæ»æè
ãã圱é¿ãåããã·ã¹ãã ãå¶åŸ¡ããå¯èœæ§ããããŸãã
ã¹ã¯ãªãããšã³ãžã³ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0234ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Microsoft ã®ãã©ãŠã¶ã§ã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçãããšãã« Chakra JavaScript ãšã³ãžã³ãã¬ã³ããªã³ã°ããæ¹æ³ã«ããªã¢ãŒãã§ã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®è匱æ§ã«ãã£ãŠã¡ã¢ãªãç Žæããæ»æè
ãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãçŸåšã®ãŠãŒã¶ãŒãšåããŠãŒã¶ãŒæš©éãååŸããå¯èœæ§ããããŸããçŸåšã®ãŠãŒã¶ãŒã管çè
ãŠãŒã¶ãŒæš©éã§ãã°ãªã³ããŠããå Žåã¯ããã®è匱æ§ã®æªçšã«æåããæ»æè
ãã圱é¿ãåããã·ã¹ãã ãå¶åŸ¡ããå¯èœæ§ããããŸãã
ã¹ã¯ãªãããšã³ãžã³ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0235ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Microsoft ã®ãã©ãŠã¶ã§ã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçãããšãã« Chakra JavaScript ãšã³ãžã³ãã¬ã³ããªã³ã°ããæ¹æ³ã«ããªã¢ãŒãã§ã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®è匱æ§ã«ãã£ãŠã¡ã¢ãªãç Žæããæ»æè
ãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãçŸåšã®ãŠãŒã¶ãŒãšåããŠãŒã¶ãŒæš©éãååŸããå¯èœæ§ããããŸããçŸåšã®ãŠãŒã¶ãŒã管çè
ãŠãŒã¶ãŒæš©éã§ãã°ãªã³ããŠããå Žåã¯ããã®è匱æ§ã®æªçšã«æåããæ»æè
ãã圱é¿ãåããã·ã¹ãã ãå¶åŸ¡ããå¯èœæ§ããããŸããæ»æè
ã¯ãã®åŸãããã°ã©ã ã®ã€ã³ã¹ããŒã«ããããŒã¿ã®è¡šç€ºãå€æŽãåé€ããããã¯å®å
šãªãŠãŒã¶ãŒæš©éãæã€æ°ããã¢ã«ãŠã³ãã®äœæãå¯èœã«ãªãå ŽåããããŸããWeb ããŒã¹ã®æ»æã®ã·ããªãªã§ã¯ãæ»æè
ã Microsoft ã®ãã©ãŠã¶ãä»ããŠããã®è匱æ§ã®æªçšãç®çãšããŠç¹å¥ã«çŽ°å·¥ãã Web ãµã€ãããã¹ããããŠãŒã¶ãŒãèªå°ããŠãã® Web ãµã€ãã衚瀺ãããå¯èœæ§ããããŸãã
ã¹ã¯ãªãããšã³ãžã³ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0236ïŒMS ã®æ·±å»åºŠ: ç·æ¥
JScript ãš VBScript ã®ãšã³ãžã³ãã¡ã¢ãªå
ã®ãªããžã§ã¯ãã Microsoft Edge ã§åŠçãããšãã«ã¬ã³ããªã³ã°ããæ¹æ³ã«ããªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®è匱æ§ã«ãã£ãŠã¡ã¢ãªãç Žæããæ»æè
ãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãçŸåšã®ãŠãŒã¶ãŒãšåããŠãŒã¶ãŒæš©éãååŸããå¯èœæ§ããããŸããçŸåšã®ãŠãŒã¶ãŒã管çè
ãŠãŒã¶ãŒæš©éã§ãã°ãªã³ããŠããå Žåã¯ããã®è匱æ§ã®æªçšã«æåããæ»æè
ãã圱é¿ãåããã·ã¹ãã ãå¶åŸ¡ããå¯èœæ§ããããŸãã
Microsoft Edge ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0227ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Microsoft Edge ã§ã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçãããšãã«ã¹ã¯ãªãããšã³ãžã³ãã¬ã³ããªã³ã°ããæ¹æ³ã«ããªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®è匱æ§ã«ãã£ãŠã¡ã¢ãªãç Žæããæ»æè
ãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãçŸåšã®ãŠãŒã¶ãŒãšåããŠãŒã¶ãŒæš©éãååŸããå¯èœæ§ããããŸããçŸåšã®ãŠãŒã¶ãŒã管çè
ãŠãŒã¶ãŒæš©éã§ãã°ãªã³ããŠããå Žåã¯ããã®è匱æ§ã®æªçšã«æåããæ»æè
ãã圱é¿ãåããã·ã¹ãã ãå¶åŸ¡ããå¯èœæ§ããããŸãã
Microsoft Edge ã®ãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ïŒCVE-2017-0266ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Microsoft Edge ã§ã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçãããšãã«ã¹ã¯ãªãããšã³ãžã³ãã¬ã³ããªã³ã°ããæ¹æ³ã«ããªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®è匱æ§ã«ãã£ãŠã¡ã¢ãªãç Žæããæ»æè
ãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãçŸåšã®ãŠãŒã¶ãŒãšåããŠãŒã¶ãŒæš©éãååŸããå¯èœæ§ããããŸããçŸåšã®ãŠãŒã¶ãŒã管çè
ãŠãŒã¶ãŒæš©éã§ãã°ãªã³ããŠããå Žåã¯ããã®è匱æ§ã®æªçšã«æåããæ»æè
ãã圱é¿ãåããã·ã¹ãã ãå¶åŸ¡ããå¯èœæ§ããããŸãã
Microsoft Edge ã®ç¹æš©ã®ææ Œã®è匱æ§ïŒCVE-2017-0241ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft Edge 㧠URL ã«ãã¡ã€ã³ããªãããŒãžã衚瀺ãããšãã«è匱æ§ãååšããŸãããã®è匱æ§ã«ãããMicrosoft Edge ããã€ã³ãã©ããããŸãŒã³ã®ã³ã³ããã¹ãã§åŠçãå®è¡ããã€ã³ã¿ãŒããããŸãŒã³ã®ã³ã³ããã¹ãã§é²èŠ§ããéã«ã¯ãã©ãŠã¶ã§é垞䜿çšã§ããªãæ©èœã«ã¢ã¯ã»ã¹ã§ããå¯èœæ§ããããŸãããã®è匱æ§ãæªçšããã«ã¯ãæ»æè
ããŠãŒã¶ãŒãèªå°ããæªè³ªãªæå³ã§äœæããã Web ããŒãžãé²èŠ§ãããå¿
èŠããããŸãã
Microsoft Edge ã®ç¹æš©ã®ææ Œã®è匱æ§ïŒCVE-2017-0233ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft Edge ã«ç¹æš©ææ Œã®è匱æ§ãååšãããããæ»æè
ã¯ãã©ãŠã¶ã® AppContainer ãµã³ãããã¯ã¹ããéããããšãã§ããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãç¹æš©ãææ Œã㊠Edge AppContainer ã®ãµã³ãããã¯ã¹ããæãåºããå¯èœæ§ããããŸãããã®è匱æ§èªäœãå©çšããŠãä»»æã®ã³ãŒããå®è¡ããããšã¯ã§ããŸããããããããã®è匱æ§ã 1 ã€ãŸãã¯è€æ°ã®è匱æ§ïŒãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ããç¹æš©ææ Œã®è匱æ§ãªã©ïŒãšçµã¿åãããŠæªçšããããšãå®è¡æã«ææ Œãããç¹æš©ãæªçšãããå¯èœæ§ããããŸãã
Microsoft Edge ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0228ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Microsoft Edge ã§ã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçãããšãã« Chakra JavaScript ãšã³ãžã³ãã¬ã³ããªã³ã°ããæ¹æ³ã«ããªã¢ãŒãã§ã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®åé¡ã«ãã£ãŠã¡ã¢ãªãç Žæããæ»æè
ãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸãã
ã¹ã¯ãªãããšã³ãžã³ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0238ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Microsoft ã®ãã©ãŠã¶ã§ãJavaScript ã®ã¹ã¯ãªãããšã³ãžã³ãã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçããæ¹æ³ã«ããªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®è匱æ§ã«ãã£ãŠã¡ã¢ãªãç Žæããæ»æè
ãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãçŸåšã®ãŠãŒã¶ãŒãšåããŠãŒã¶ãŒæš©éãååŸããå¯èœæ§ããããŸããçŸåšã®ãŠãŒã¶ãŒã管çè
ãŠãŒã¶ãŒæš©éã§ãã°ãªã³ããŠããå Žåã¯ããã®è匱æ§ã®æªçšã«æåããæ»æè
ãã圱é¿ãåããã·ã¹ãã ãå¶åŸ¡ããå¯èœæ§ããããŸããæ»æè
ã¯ãã®åŸãããã°ã©ã ã®ã€ã³ã¹ããŒã«ããããŒã¿ã®è¡šç€ºãå€æŽãåé€ããããã¯å®å
šãªãŠãŒã¶ãŒæš©éãæã€æ°ããã¢ã«ãŠã³ãã®äœæãå¯èœã«ãªãå ŽåããããŸããWeb ããŒã¹ã®æ»æã®ã·ããªãªã§ã¯ãæ»æè
ã Microsoft ã®ãã©ãŠã¶ãä»ããŠããã®è匱æ§ã®æªçšãç®çãšããŠç¹å¥ã«çŽ°å·¥ãã Web ãµã€ãããã¹ããããŠãŒã¶ãŒãèªå°ããŠãã® Web ãµã€ãã衚瀺ãããå¯èœæ§ããããŸããæ»æè
ã¯ãEdge ã®ã¬ã³ããªã³ã°ãšã³ãžã³ããã¹ãããŠããã¢ããªã±ãŒã·ã§ã³ãŸã㯠Microsoft Office ææžã«ããå®å
šãªåæåããšããŒã¯ããã ActiveX ã³ã³ãããŒã«ãåã蟌ãããšãã§ããŸãããŸããæ»æè
ã¯äŸµå
¥ãã Web ãµã€ããããŠãŒã¶ãŒãæå®ããã³ã³ãã³ããŸãã¯åºåãåãå
¥ããããŸãã¯ããããã¹ãããŠãã Web ãµã€ããæªçšããããšãèããããŸãããã®ãã㪠Web ãµã€ãã«ã¯ãè匱æ§ãæªçšã§ããç¹å¥ã«çŽ°å·¥ããã³ã³ãã³ããå«ããããå¯èœæ§ããããŸãã
Microsoft ãã©ãŠã¶ã®ãªãããŸãã®è匱æ§ïŒCVE-2017-0231ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft ã®ãã©ãŠã¶ã§ SmartScreen Filter ãã¬ã³ããªã³ã°ãããšãã«ããªãããŸãã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšããŠãŒã¶ãŒããªãã€ã¬ã¯ãããŠç¹å¥ã«çŽ°å·¥ããã Web ãµã€ããžèªå°ããå¯èœæ§ããããŸããç¹å¥ã«çŽ°å·¥ããã Web ãµã€ãã¯ããªãããŸããã³ã³ãã³ãã衚瀺ãããããWeb ãµãŒãã¹ã®ä»ã®è匱æ§ãå©çšããæ»æã«é£çµããããããå¯èœæ§ããããŸãããã®è匱æ§ãæªçšããã«ã¯ãç¹å¥ã«çŽ°å·¥ããã URL ããŠãŒã¶ãŒãã¯ãªãã¯ããå¿
èŠããããŸããé»åã¡ãŒã«ã«ããæ»æã®ã·ããªãªã§ã¯ãæ»æè
ãç¹å¥ã«çŽ°å·¥ããã URL ãå«ãé»åã¡ãŒã«ã¡ãã»ãŒãžããŠãŒã¶ãŒã«éä¿¡ãããã® URL ãã¯ãªãã¯ããããã«ãŠãŒã¶ãŒãèªå°ããå¯èœæ§ããããŸããWeb ããŒã¹ã®æ»æã®ã·ããªãªã§ã¯ãç¹å¥ã«çŽ°å·¥ãããæ£èŠã® Web ãµã€ãã«ããã«èŠãã Web ãµã€ããæ»æè
ããã¹ãããå¯èœæ§ããããŸãããã ãæ»æè
ã¯ãç¹å¥ã«çŽ°å·¥ããããã® Web ãµã€ãã蚪åããããã«ãŠãŒã¶ãŒã匷å¶çã«èªå°ããããšã¯ã§ããŸãããéåžžã¯é»åã¡ãŒã«ãã€ã³ã¹ã¿ã³ãã¡ãã»ã³ãžã£ãŒã®ã¡ãã»ãŒãžã§èªå°ããŠãç¹å¥ã«çŽ°å·¥ããã Web ãµã€ãã«ã¢ã¯ã»ã¹ãããWeb ãµã€ãã®ã³ã³ãã³ããæäœããããä»åããããšããæ»æè
ã«ãšã£ãŠã®å¿
èŠæ¡ä»¶ãšãªããŸãã
-
Microsoft Office çšã®çŽ¯ç©çãªã»ãã¥ãªãã£æŽæ°ããã°ã©ã
Microsoft Office ã®ãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ïŒCVE-2017-0281ïŒMS ã®æ·±å»åºŠ: éèŠ
Office ãœãããŠã§ã¢ãã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçããå Žåã«ãMicrosoft Office ãœãããŠã§ã¢ã«ãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãç¹å¥ã«çŽ°å·¥ãããã¡ã€ã«ã䜿ã£ãŠãçŸåšã®ãŠãŒã¶ãŒã®ã»ãã¥ãªãã£ã³ã³ããã¹ãã§åŠçãå®è¡ããå¯èœæ§ããããŸãããã®ãã¡ã€ã«ã¯ãããšãã°ãã°ãªã³ããŠãããŠãŒã¶ãŒã«ä»£ãã£ãŠãçŸåšã®ãŠãŒã¶ãŒãšåãæš©éã§åŠçãå®è¡ã§ããå¯èœæ§ããããŸãããã®è匱æ§ãæªçšããã«ã¯ã圱é¿ãåããããŒãžã§ã³ã® Microsoft Office ãœãããŠã§ã¢ã§ããŠãŒã¶ãŒãç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ãéãå¿
èŠããããŸããé»åã¡ãŒã«ã«ããæ»æã®ã·ããªãªã§ã¯ãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ããŠãŒã¶ãŒã«éä¿¡ãããã®ãã¡ã€ã«ãéãããã«ãŠãŒã¶ãŒãèªå°ããå¯èœæ§ããããŸããWeb ããŒã¹ã®æ»æã®ã·ããªãªã§ã¯ããã®è匱æ§ã®æªçšãç®çãšããŠç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ãå«ã Web ãµã€ããæ»æè
ããã¹ãããïŒãŸãã¯ãŠãŒã¶ãŒãæå®ããã³ã³ãã³ããŸãã¯åºåãåãå
¥ããããŸãã¯ããããã¹ãããŠãã Web ãµã€ããå©çšããïŒå ŽåããããŸããæ»æè
ã¯ããã® Web ãµã€ãã蚪åããããã«ãŠãŒã¶ãŒã匷å¶çã«èªå°ããããšã¯ã§ããŸããã代ããã«ãéåžžã¯é»åã¡ãŒã«ãã€ã³ã¹ã¿ã³ãã¡ãã»ã³ãžã£ãŒã®ã¡ãã»ãŒãžã§èªå°ããç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ãéãããŠãŠãŒã¶ãŒã«ãªã³ã¯ãã¯ãªãã¯ãããããšããæ»æè
ã«ãšã£ãŠã®å¿
èŠæ¡ä»¶ãšãªããŸãã
Microsoft Office ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0254ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft Office ãœãããŠã§ã¢ãã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçããå Žåã«ããœãããŠã§ã¢ã«ãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããçŸåšã®ãŠãŒã¶ãŒã管çè
ãŠãŒã¶ãŒæš©éã§ãã°ãªã³ããŠããå Žåã¯ã圱é¿ãåããã·ã¹ãã ãæ»æè
ãå¶åŸ¡ããå¯èœæ§ããããŸããæ»æè
ã¯ãã®åŸãããã°ã©ã ã®ã€ã³ã¹ããŒã«ããããŒã¿ã®è¡šç€ºãå€æŽãåé€ããããã¯å®å
šãªãŠãŒã¶ãŒæš©éãæã€æ°ããã¢ã«ãŠã³ãã®äœæãå¯èœã«ãªãå ŽåããããŸããã·ã¹ãã ã§ã®ãŠãŒã¶ãŒæš©éãäœãèšå®ã®ã¢ã«ãŠã³ããæã€ãŠãŒã¶ãŒã¯ã管çè
ã®ãŠãŒã¶ãŒæš©éã§å®è¡ããŠãããŠãŒã¶ãŒããããã®è匱æ§ã«ãã圱é¿ãå°ãªããšèããããŸãããã®è匱æ§ãæªçšããã«ã¯ã圱é¿ãåããããŒãžã§ã³ã® Microsoft Office ãœãããŠã§ã¢ã§ããŠãŒã¶ãŒãç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ãéãå¿
èŠããããŸããé»åã¡ãŒã«ã«ããæ»æã®ã·ããªãªã§ã¯ãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ããŠãŒã¶ãŒã«éä¿¡ãããã®ãã¡ã€ã«ãéãããã«ãŠãŒã¶ãŒãèªå°ããå¯èœæ§ããããŸããWeb ããŒã¹ã®æ»æã®ã·ããªãªã§ã¯ããã®è匱æ§ã®æªçšãç®çãšããŠç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ãå«ã Web ãµã€ããæ»æè
ããã¹ãããïŒãŸãã¯ãŠãŒã¶ãŒãæå®ããã³ã³ãã³ããŸãã¯åºåãåãå
¥ããããŸãã¯ããããã¹ãããŠãã Web ãµã€ããå©çšããïŒå ŽåããããŸããæ»æè
ã¯ããã® Web ãµã€ãã蚪åããããã«ãŠãŒã¶ãŒã匷å¶çã«èªå°ããããšã¯ã§ããŸããã代ããã«ãéåžžã¯é»åã¡ãŒã«ãã€ã³ã¹ã¿ã³ãã¡ãã»ã³ãžã£ãŒã®ã¡ãã»ãŒãžã§èªå°ããç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ãéãããŠãŠãŒã¶ãŒã«ãªã³ã¯ãã¯ãªãã¯ãããããšããæ»æè
ã«ãšã£ãŠã®å¿
èŠæ¡ä»¶ãšãªããŸãã
Microsoft Office ã®ãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ïŒCVE-2017-0261ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Microsoft Office ã«ã¯ããŠãŒã¶ãŒãäžæ£ãªã°ã©ãã£ãã¯ç»åãå«ããã¡ã€ã«ãéããããäžæ£ãªã°ã©ãã£ãã¯ç»åã Office ãã¡ã€ã«ã«æ¿å
¥ããããããšãã«ããªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®ãããªãã¡ã€ã«ã¯é»åã¡ãŒã«ã®æ·»ä»ãã¡ã€ã«ã«å«ãŸããããšããããŸããæ»æè
ã¯ããªã¢ãŒãã³ãŒãã®å®è¡ãèš±ãç¹å¥ã«çŽ°å·¥ããã EPS ãã¡ã€ã«ãäœæããŠããã®è匱æ§ãæªçšããå¯èœæ§ããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšã圱é¿ãåããã·ã¹ãã ãå¶åŸ¡ã§ããæãããããŸãããã®è匱æ§ããWeb ããŒã¹ã®æ»æã®ã·ããªãªã§èªåçã«æªçšããããšã¯ã§ããŸãããæ»æè
ã¯ããã®è匱æ§ã®æªçšãç®çãšãã Office ãã¡ã€ã«ãå«ããŠç¹å¥ã«çŽ°å·¥ããã Web ãµã€ãããã¹ããããŠãŒã¶ãŒãèªå°ããŠãã® Web ãµã€ãã衚瀺ãããå¯èœæ§ããããŸãããŸãæ»æè
ã¯ããã®è匱æ§ãæªçšã§ãããç¹å¥ã«çŽ°å·¥ãããã³ã³ãã³ããè¿œå ããããšã«ãã£ãŠã䟵å
¥ãã Web ãµã€ããããŠãŒã¶ãŒãæå®ããã³ã³ãã³ããŸãã¯åºåãåãå
¥ããããŸãã¯ããããã¹ããã Web ãµã€ããæªçšããããšãèããããŸãããã ããã©ã®å Žåããæ»æè
ã管çããã³ã³ãã³ããé²èŠ§ãããããŠãŒã¶ãŒã匷å¶çã«èªå°ããããšã¯ã§ããŸããã代ããã«ãéåžžã¯ã€ã³ã¹ã¿ã³ãã¡ãã»ã³ãžã£ãŒãé»åã¡ãŒã«ã¡ãã»ãŒãžã«èšèŒãããªã³ã¯ãã¯ãªãã¯ãããŠãæ»æè
ã® Web ãµã€ãã«èªå°ããããéä¿¡ããã¡ãŒã«ã®æ·»ä»ãã¡ã€ã«ãéããããªã©ããŠãŒã¶ãŒã«åŠçãå®è¡ãããããšããæ»æè
ã«ãšã£ãŠã®å¿
èŠæ¡ä»¶ãšãªããŸããããã©ã«ãèšå®ã©ãã Word ã䜿ã£ãŠã¡ãŒã«ãèªãã å Žåãæ»æè
ã¯ç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ãæšçã®ãŠãŒã¶ãŒã«éä¿¡ããŠããã¡ã€ã«ããŒã¹ã®æ»æã« Outlook ãæªçšããããšãã§ããŸãããã®ãã¡ã€ã«ã«ã¯ãEPS ç»åãã€ããªãå«ãŸããŠããŸãããã®ã·ããªãªã®æ»æçµè·¯ã§ã¯ãæå°éã®ãŠãŒã¶ãŒåŠçïŒç¹å¥ã«çŽ°å·¥ãããé»åã¡ãŒã«ã Outlook ã§è¡šç€ºãããªã©ïŒãæªçšããå¿
èŠããããŸããå±éºãããã®ã¯äž»ã«ãMicrosoft Office ãã€ã³ã¹ããŒã«ãããŠããã¯ãŒã¯ã¹ããŒã·ã§ã³ãšã¿ãŒããã«ãµãŒããŒã§ãããŠãŒã¶ãŒããµãŒããŒã«ãã°ãªã³ããŠããã°ã©ã ãå®è¡ããããšã管çè
ãèš±å¯ããŠããå ŽåããµãŒããŒã®å±éºæ§ã¯ããã«é«ããªãå¯èœæ§ããããŸãã
Microsoft SharePoint XSS ã®è匱æ§ïŒCVE-2017-0255ïŒMS ã®æ·±å»åºŠ: éèŠ
SharePoint Server ãã圱é¿ãåãã SharePoint ãµãŒããŒã«å¯Ÿãããç¹å¥ã«çŽ°å·¥ããã Web èŠæ±ãæ£ãããµãã¿ã€ãºããªãå Žåã«ãç¹æš©ææ Œã®è匱æ§ãååšããŸããèªèšŒãããæ»æè
ã¯ã圱é¿ãåãã SharePoint Server ã«å¯ŸããŠç¹å¥ã«çŽ°å·¥ãããèŠæ±ãéä¿¡ããããšã«ãã£ãŠããã®è匱æ§ãæªçšããå¯èœæ§ããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšã圱é¿ãåããã·ã¹ãã ã§ã¯ãã¹ãµã€ãã¹ã¯ãªããã£ã³ã°æ»æãå®è¡ããçŸåšã®ãŠãŒã¶ãŒã®ã»ãã¥ãªãã£ã³ã³ããã¹ãã§ã¹ã¯ãªãããå®è¡ã§ããå ŽåããããŸãããããã®æ»æãå©çšããŠãæ»æè
ã¯èš±å¯ãããŠããªãã³ã³ãã³ããèªãã ãã被害è
ã® ID ãå©çšããŠè¢«å®³è
ã«ãªãããŸããŠãæš©éãå€æŽãããã³ã³ãã³ããåé€ããã被害è
ã®ãã©ãŠã¶ã«æªè³ªãªã³ã³ãã³ããæ¿å
¥ãããªã©ãSharePoint ãµã€ãã®æäœãå®è¡ã§ããå¯èœæ§ããããŸãã
Microsoft Office ã®ãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ïŒCVE-2017-0262ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft Office ã«ã¯ããŠãŒã¶ãŒãäžæ£ãªã°ã©ãã£ãã¯ç»åãå«ããã¡ã€ã«ãéããããäžæ£ãªã°ã©ãã£ãã¯ç»åã Office ãã¡ã€ã«ã«æ¿å
¥ããããããšãã«ããªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸãããã®ãããªãã¡ã€ã«ã¯é»åã¡ãŒã«ã®æ·»ä»ãã¡ã€ã«ã«å«ãŸããããšããããŸããæ»æè
ã¯ããªã¢ãŒãã³ãŒãã®å®è¡ãèš±ãç¹å¥ã«çŽ°å·¥ããã EPS ãã¡ã€ã«ãäœæããŠããã®è匱æ§ãæªçšããå¯èœæ§ããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšã圱é¿ãåããã·ã¹ãã ãå¶åŸ¡ã§ããæãããããŸãããã®è匱æ§ããWeb ããŒã¹ã®æ»æã®ã·ããªãªã§èªåçã«æªçšããããšã¯ã§ããŸãããæ»æè
ã¯ããã®è匱æ§ã®æªçšãç®çãšãã Office ãã¡ã€ã«ãå«ããŠç¹å¥ã«çŽ°å·¥ããã Web ãµã€ãããã¹ããããŠãŒã¶ãŒãèªå°ããŠãã® Web ãµã€ãã衚瀺ãããå¯èœæ§ããããŸãããŸãæ»æè
ã¯ããã®è匱æ§ãæªçšã§ãããç¹å¥ã«çŽ°å·¥ãããã³ã³ãã³ããè¿œå ããããšã«ãã£ãŠã䟵å
¥ãã Web ãµã€ããããŠãŒã¶ãŒãæå®ããã³ã³ãã³ããŸãã¯åºåãåãå
¥ããããŸãã¯ããããã¹ããã Web ãµã€ããæªçšããããšãèããããŸãããã ããã©ã®å Žåããæ»æè
ã管çããã³ã³ãã³ããé²èŠ§ãããããŠãŒã¶ãŒã匷å¶çã«èªå°ããããšã¯ã§ããŸããã代ããã«ãéåžžã¯ã€ã³ã¹ã¿ã³ãã¡ãã»ã³ãžã£ãŒãé»åã¡ãŒã«ã¡ãã»ãŒãžã«èšèŒãããªã³ã¯ãã¯ãªãã¯ãããŠãæ»æè
ã® Web ãµã€ãã«èªå°ããããéä¿¡ããã¡ãŒã«ã®æ·»ä»ãã¡ã€ã«ãéããããªã©ããŠãŒã¶ãŒã«åŠçãå®è¡ãããããšããæ»æè
ã«ãšã£ãŠã®å¿
èŠæ¡ä»¶ãšãªããŸããããã©ã«ãèšå®ã©ãã Word ã䜿ã£ãŠã¡ãŒã«ãèªãã å Žåãæ»æè
ã¯ç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ãæšçã®ãŠãŒã¶ãŒã«éä¿¡ããŠããã¡ã€ã«ããŒã¹ã®æ»æã« Outlook ãæªçšããããšãã§ããŸãããã®ãã¡ã€ã«ã«ã¯ãEPS ç»åãã€ããªãå«ãŸããŠããŸãããã®ã·ããªãªã®æ»æçµè·¯ã§ã¯ãæå°éã®ãŠãŒã¶ãŒåŠçïŒç¹å¥ã«çŽ°å·¥ãããé»åã¡ãŒã«ã Outlook ã§è¡šç€ºãããªã©ïŒãæªçšããå¿
èŠããããŸããå±éºãããã®ã¯äž»ã«ãMicrosoft Office ãã€ã³ã¹ããŒã«ãããŠããã¯ãŒã¯ã¹ããŒã·ã§ã³ãšã¿ãŒããã«ãµãŒããŒã§ãããŠãŒã¶ãŒããµãŒããŒã«ãã°ãªã³ããŠããã°ã©ã ãå®è¡ããããšã管çè
ãèš±å¯ããŠããå ŽåããµãŒããŒã®å±éºæ§ã¯ããã«é«ããªãå¯èœæ§ããããŸãã
Microsoft Office ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0265ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft Office ãœãããŠã§ã¢ãã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçããå Žåã«ããœãããŠã§ã¢ã«ãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããçŸåšã®ãŠãŒã¶ãŒã管çè
ãŠãŒã¶ãŒæš©éã§ãã°ãªã³ããŠããå Žåã¯ã圱é¿ãåããã·ã¹ãã ãæ»æè
ãå¶åŸ¡ããå¯èœæ§ããããŸããæ»æè
ã¯ãã®åŸãããã°ã©ã ã®ã€ã³ã¹ããŒã«ããããŒã¿ã®è¡šç€ºãå€æŽãåé€ããããã¯å®å
šãªãŠãŒã¶ãŒæš©éãæã€æ°ããã¢ã«ãŠã³ãã®äœæãå¯èœã«ãªãå ŽåããããŸããã·ã¹ãã ã§ã®ãŠãŒã¶ãŒæš©éãäœãèšå®ã®ã¢ã«ãŠã³ããæã€ãŠãŒã¶ãŒã¯ã管çè
ã®ãŠãŒã¶ãŒæš©éã§å®è¡ããŠãããŠãŒã¶ãŒããããã®è匱æ§ã«ãã圱é¿ãå°ãªããšèããããŸãããã®è匱æ§ãæªçšããã«ã¯ã圱é¿ãåããããŒãžã§ã³ã® Microsoft Office ãœãããŠã§ã¢ã§ããŠãŒã¶ãŒãç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ãéãå¿
èŠããããŸããé»åã¡ãŒã«ã«ããæ»æã®ã·ããªãªã§ã¯ãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ããŠãŒã¶ãŒã«éä¿¡ãããã®ãã¡ã€ã«ãéãããã«ãŠãŒã¶ãŒãèªå°ããå¯èœæ§ããããŸããWeb ããŒã¹ã®æ»æã®ã·ããªãªã§ã¯ããã®è匱æ§ã®æªçšãç®çãšããŠç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ãå«ã Web ãµã€ããæ»æè
ããã¹ãããïŒãŸãã¯ãŠãŒã¶ãŒãæå®ããã³ã³ãã³ããŸãã¯åºåãåãå
¥ããããŸãã¯ããããã¹ãããŠãã Web ãµã€ããå©çšããïŒå ŽåããããŸããæ»æè
ã¯ããã® Web ãµã€ãã蚪åããããã«ãŠãŒã¶ãŒã匷å¶çã«èªå°ããããšã¯ã§ããŸããã代ããã«ãéåžžã¯é»åã¡ãŒã«ãã€ã³ã¹ã¿ã³ãã¡ãã»ã³ãžã£ãŒã®ã¡ãã»ãŒãžã§èªå°ããç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ãéãããŠãŠãŒã¶ãŒã«ãªã³ã¯ãã¯ãªãã¯ãããããšããæ»æè
ã«ãšã£ãŠã®å¿
èŠæ¡ä»¶ãšãªããŸãã
Microsoft Office ã®ã¡ã¢ãªç Žæã®è匱æ§ïŒCVE-2017-0264ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft Office ãœãããŠã§ã¢ãã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçããå Žåã«ããœãããŠã§ã¢ã«ãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãçŸåšã®ãŠãŒã¶ãŒã®ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããçŸåšã®ãŠãŒã¶ãŒã管çè
ãŠãŒã¶ãŒæš©éã§ãã°ãªã³ããŠããå Žåã¯ã圱é¿ãåããã·ã¹ãã ãæ»æè
ãå¶åŸ¡ããå¯èœæ§ããããŸããæ»æè
ã¯ãã®åŸãããã°ã©ã ã®ã€ã³ã¹ããŒã«ããããŒã¿ã®è¡šç€ºãå€æŽãåé€ããããã¯å®å
šãªãŠãŒã¶ãŒæš©éãæã€æ°ããã¢ã«ãŠã³ãã®äœæãå¯èœã«ãªãå ŽåããããŸããã·ã¹ãã ã§ã®ãŠãŒã¶ãŒæš©éãäœãèšå®ã®ã¢ã«ãŠã³ããæã€ãŠãŒã¶ãŒã¯ã管çè
ã®ãŠãŒã¶ãŒæš©éã§å®è¡ããŠãããŠãŒã¶ãŒããããã®è匱æ§ã«ãã圱é¿ãå°ãªããšèããããŸãããã®è匱æ§ãæªçšããã«ã¯ã圱é¿ãåããããŒãžã§ã³ã® Microsoft Office ãœãããŠã§ã¢ã§ããŠãŒã¶ãŒãç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ãéãå¿
èŠããããŸããé»åã¡ãŒã«ã«ããæ»æã®ã·ããªãªã§ã¯ãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ããŠãŒã¶ãŒã«éä¿¡ãããã®ãã¡ã€ã«ãéãããã«ãŠãŒã¶ãŒãèªå°ããå¯èœæ§ããããŸããWeb ããŒã¹ã®æ»æã®ã·ããªãªã§ã¯ããã®è匱æ§ã®æªçšãç®çãšããŠç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ãå«ã Web ãµã€ããæ»æè
ããã¹ãããïŒãŸãã¯ãŠãŒã¶ãŒãæå®ããã³ã³ãã³ããŸãã¯åºåãåãå
¥ããããŸãã¯ããããã¹ãããŠãã Web ãµã€ããå©çšããïŒå ŽåããããŸããæ»æè
ã¯ããã® Web ãµã€ãã蚪åããããã«ãŠãŒã¶ãŒã匷å¶çã«èªå°ããããšã¯ã§ããŸããã代ããã«ãéåžžã¯é»åã¡ãŒã«ãã€ã³ã¹ã¿ã³ãã¡ãã»ã³ãžã£ãŒã®ã¡ãã»ãŒãžã§èªå°ããç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ãéãããŠãŠãŒã¶ãŒã«ãªã³ã¯ãã¯ãªãã¯ãããããšããæ»æè
ã«ãšã£ãŠã®å¿
èŠæ¡ä»¶ãšãªããŸãã
-
Microsoft .NET Framework çšã®çŽ¯ç©çãªã»ãã¥ãªãã£æŽæ°ããã°ã©ã
.Net ã®ã»ãã¥ãªãã£æ©èœã®ãã€ãã¹ã®è匱æ§ïŒCVE-2017-0248ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft .NET FrameworkïŒããã³ .NET CoreïŒã³ã³ããŒãã³ãã蚌ææžãå®å
šã«æ€èšŒããªãå Žåã«ãã»ãã¥ãªãã£æ©èœã®ãã€ãã¹ã®è匱æ§ãååšããŸããæ»æè
ãæ瀺ãã蚌ææžããç¹å®ã®äœ¿çšã«ç¡å¹ãšããŒã¯ãããŠããŠããã³ã³ããŒãã³ãã¯ãããæ€èšŒã®ç®çã«äœ¿çšããŸãããã®åŠçã«ãã£ãŠãæ¡åŒµããŒäœ¿çšæ³ã®ã¿ã°æå®ãç¡èŠãããŸãã
-
Microsoft Windows Hyper-V çšã®çŽ¯ç©çãªã»ãã¥ãªãã£æŽæ°ããã°ã©ã
Windows Hyper-V vSMB ã®ç¹æš©ææ Œã®è匱æ§ïŒCVE-2017-0212ïŒMS ã®æ·±å»åºŠ: éèŠ
ãã¹ããµãŒããŒäžã® Windows Hyper-V ããvSMB ãã±ããããŒã¿ãé©åã«æ€èšŒããªãå Žåã«ãç¹æš©ææ Œã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãæšçãšãªããªãã¬ãŒãã£ã³ã°ã·ã¹ãã ã§ç¹æš©ãææ Œã§ããå ŽåããããŸãããã®è匱æ§èªäœãå©çšããŠãä»»æã®ã³ãŒããå®è¡ããããšã¯ã§ããŸããããããããã®è匱æ§ã 1 ã€ãŸãã¯è€æ°ã®è匱æ§ïŒãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ããç¹æš©ææ Œã®è匱æ§ãªã©ïŒãšçµã¿åãããŠæªçšããããšãå®è¡æã«ææ Œãããç¹æš©ãæªçšãããå¯èœæ§ããããŸãã
-
Microsoft Windows SMB çšã®çŽ¯ç©çãªã»ãã¥ãªãã£æŽæ°ããã°ã©ã
Windows SMB ã®ãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ïŒCVE-2017-0272ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Microsoft Server Message Block 1.0ïŒSMBv1ïŒãµãŒããŒãç¹å®ã®èŠæ±ãåŠçããæ¹æ³ã«ããªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãæšçã®ãµãŒããŒã§ã³ãŒããå®è¡ã§ããå ŽåããããŸãããã®è匱æ§ãæªçšãããšãã»ãšãã©ã®å ŽåãèªèšŒãããŠããªãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã±ãããæšçã® SMBv1 ãµãŒããŒã«éä¿¡ã§ããå ŽåããããŸãã
Windows SMB ã®ãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ïŒCVE-2017-0277ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Microsoft Server Message Block 1.0ïŒSMBv1ïŒãµãŒããŒãç¹å®ã®èŠæ±ãåŠçããæ¹æ³ã«ããªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãæšçã®ãµãŒããŒã§ã³ãŒããå®è¡ã§ããå ŽåããããŸãããã®è匱æ§ãæªçšãããšãã»ãšãã©ã®å ŽåãèªèšŒãããŠããªãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã±ãããæšçã® SMBv1 ãµãŒããŒã«éä¿¡ã§ããå ŽåããããŸãã
Windows SMB ã®ãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ïŒCVE-2017-0278ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Microsoft Server Message Block 1.0ïŒSMBv1ïŒãµãŒããŒãç¹å®ã®èŠæ±ãåŠçããæ¹æ³ã«ããªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãæšçã®ãµãŒããŒã§ã³ãŒããå®è¡ã§ããå ŽåããããŸãããã®è匱æ§ãæªçšãããšãã»ãšãã©ã®å ŽåãèªèšŒãããŠããªãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã±ãããæšçã® SMBv1 ãµãŒããŒã«éä¿¡ã§ããå ŽåããããŸãã
Windows SMB ã®ãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ïŒCVE-2017-0279ïŒMS ã®æ·±å»åºŠ: ç·æ¥
Microsoft Server Message Block 1.0ïŒSMBv1ïŒãµãŒããŒãç¹å®ã®èŠæ±ãåŠçããæ¹æ³ã«ããªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãæšçã®ãµãŒããŒã§ã³ãŒããå®è¡ã§ããå ŽåããããŸãããã®è匱æ§ãæªçšãããšãã»ãšãã©ã®å ŽåãèªèšŒãããŠããªãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã±ãããæšçã® SMBv1 ãµãŒããŒã«éä¿¡ã§ããå ŽåããããŸãã
Windows SMB ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0267ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft Server Message Block 1.0ïŒSMBv1ïŒãµãŒããŒãç¹å®ã®èŠæ±ãåŠçããæ¹æ³ã«ãæ
å ±æŒããã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãç¹å¥ã«çŽ°å·¥ããããã±ãããäœæã§ãããµãŒããŒããã®æ
å ±æŒããã«ã€ãªããæãããããŸãããã®è匱æ§ãæªçšãããšãã»ãšãã©ã®å ŽåãèªèšŒãããŠããªãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã±ãããæšçã® SMBv1 ãµãŒããŒã«éä¿¡ã§ããå ŽåããããŸãã
Windows SMB ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0268ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft Server Message Block 1.0ïŒSMBv1ïŒãµãŒããŒãç¹å®ã®èŠæ±ãåŠçããæ¹æ³ã«ãæ
å ±æŒããã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãç¹å¥ã«çŽ°å·¥ããããã±ãããäœæã§ãããµãŒããŒããã®æ
å ±æŒããã«ã€ãªããæãããããŸãããã®è匱æ§ãæªçšãããšãã»ãšãã©ã®å ŽåãèªèšŒãããŠããªãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã±ãããæšçã® SMBv1 ãµãŒããŒã«éä¿¡ã§ããå ŽåããããŸãã
Windows SMB ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0270ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft Server Message Block 1.0ïŒSMBv1ïŒãµãŒããŒãç¹å®ã®èŠæ±ãåŠçããæ¹æ³ã«ãæ
å ±æŒããã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãç¹å¥ã«çŽ°å·¥ããããã±ãããäœæã§ãããµãŒããŒããã®æ
å ±æŒããã«ã€ãªããæãããããŸãããã®è匱æ§ãæªçšãããšãã»ãšãã©ã®å ŽåãèªèšŒãããŠããªãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã±ãããæšçã® SMBv1 ãµãŒããŒã«éä¿¡ã§ããå ŽåããããŸãã
Windows SMB ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0271ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft Server Message Block 1.0ïŒSMBv1ïŒãµãŒããŒãç¹å®ã®èŠæ±ãåŠçããæ¹æ³ã«ãæ
å ±æŒããã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãç¹å¥ã«çŽ°å·¥ããããã±ãããäœæã§ãããµãŒããŒããã®æ
å ±æŒããã«ã€ãªããæãããããŸãããã®è匱æ§ãæªçšãããšãã»ãšãã©ã®å ŽåãèªèšŒãããŠããªãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã±ãããæšçã® SMBv1 ãµãŒããŒã«éä¿¡ã§ããå ŽåããããŸãã
Windows SMB ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0274ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft Server Message Block 1.0ïŒSMBv1ïŒãµãŒããŒãç¹å®ã®èŠæ±ãåŠçããæ¹æ³ã«ãæ
å ±æŒããã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãç¹å¥ã«çŽ°å·¥ããããã±ãããäœæã§ãããµãŒããŒããã®æ
å ±æŒããã«ã€ãªããæãããããŸãããã®è匱æ§ãæªçšãããšãã»ãšãã©ã®å ŽåãèªèšŒãããŠããªãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã±ãããæšçã® SMBv1 ãµãŒããŒã«éä¿¡ã§ããå ŽåããããŸãã
Windows SMB ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0275ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft Server Message Block 1.0ïŒSMBv1ïŒãµãŒããŒãç¹å®ã®èŠæ±ãåŠçããæ¹æ³ã«ãæ
å ±æŒããã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãç¹å¥ã«çŽ°å·¥ããããã±ãããäœæã§ãããµãŒããŒããã®æ
å ±æŒããã«ã€ãªããæãããããŸãããã®è匱æ§ãæªçšãããšãã»ãšãã©ã®å ŽåãèªèšŒãããŠããªãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã±ãããæšçã® SMBv1 ãµãŒããŒã«éä¿¡ã§ããå ŽåããããŸãã
Windows SMB ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0276ïŒMS ã®æ·±å»åºŠ: éèŠ
Microsoft Server Message Block 1.0ïŒSMBv1ïŒãµãŒããŒãç¹å®ã®èŠæ±ãåŠçããæ¹æ³ã«ãæ
å ±æŒããã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãç¹å¥ã«çŽ°å·¥ããããã±ãããäœæã§ãããµãŒããŒããã®æ
å ±æŒããã«ã€ãªããæãããããŸãããã®è匱æ§ãæªçšãããšãã»ãšãã©ã®å ŽåãèªèšŒãããŠããªãæ»æè
ãç¹å¥ã«çŽ°å·¥ããããã±ãããæšçã® SMBv1 ãµãŒããŒã«éä¿¡ã§ããå ŽåããããŸãã
Windows SMB ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0269ïŒMS ã®æ·±å»åºŠ: éèŠ
æ»æè
ãç¹å¥ã«çŽ°å·¥ãããèŠæ±ããµãŒãã¹ã«éä¿¡ããå Žåã«ãMicrosoft Server Block Message (SMB) ã«ãµãŒãã¹æåŠã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšã圱é¿ãåããã·ã¹ãã ã¯æåã§åèµ·åãããŸã§å¿çãåæ¢ããå¯èœæ§ããããŸãããã®è匱æ§ã®æªçšããããšããæ»æè
ã¯ãç¹å¥ã«çŽ°å·¥ããã SMB èŠæ±ãæšçã®ã·ã¹ãã ã«éä¿¡ããå¿
èŠããããŸãããµãŒãã¹æåŠã®è匱æ§ãå©çšããŠããæ»æè
ãã³ãŒããå®è¡ãããããŠãŒã¶ãŒæš©éãææ Œãããããããšã¯ãããŸãããã圱é¿ãåããã·ã¹ãã ã§èŠæ±ã®åãå
¥ããåæ¢ãããå ŽåããããŸãã
Windows ã®ãµãŒãã¹æåŠã®è匱æ§ïŒCVE-2017-0273ïŒMS ã®æ·±å»åºŠ: éèŠ
æ»æè
ãç¹å¥ã«çŽ°å·¥ãããèŠæ±ããµãŒãã¹ã«éä¿¡ããå Žåã«ãMicrosoft Server Block Message (SMB) ã«ãµãŒãã¹æåŠã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšã圱é¿ãåããã·ã¹ãã ã¯æåã§åèµ·åãããŸã§å¿çãåæ¢ããå¯èœæ§ããããŸãããã®è匱æ§ã®æªçšããããšããæ»æè
ã¯ãç¹å¥ã«çŽ°å·¥ããã SMB èŠæ±ãæšçã®ã·ã¹ãã ã«éä¿¡ããå¿
èŠããããŸãã
Windows SMB ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0280ïŒMS ã®æ·±å»åºŠ: éèŠ
æ»æè
ãç¹å¥ã«çŽ°å·¥ãããèŠæ±ããµãŒãã¹ã«éä¿¡ããå Žåã«ãMicrosoft Server Block Message (SMB) ã«ãµãŒãã¹æåŠã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšã圱é¿ãåããã·ã¹ãã ã¯æåã§åèµ·åãããŸã§å¿çãåæ¢ããå¯èœæ§ããããŸãããã®è匱æ§ã®æªçšããããšããæ»æè
ã¯ãç¹å¥ã«çŽ°å·¥ããã SMB èŠæ±ãæšçã®ã·ã¹ãã ã«éä¿¡ããå¿
èŠããããŸãããµãŒãã¹æåŠã®è匱æ§ãå©çšããŠããæ»æè
ãã³ãŒããå®è¡ãããããŠãŒã¶ãŒæš©éãææ Œãããããããšã¯ãããŸãããã圱é¿ãåããã·ã¹ãã ã§èŠæ±ã®åãå
¥ããåæ¢ãããå ŽåããããŸãã
-
Microsoft Windows çšã®çŽ¯ç©çãªã»ãã¥ãªãã£æŽæ°ããã°ã©ã
Win32k ã®ç¹æš©ææ Œã®è匱æ§ïŒCVE-2017-0246ïŒMS ã®æ·±å»åºŠ: éèŠ
Windows ãã¡ã¢ãªå
ã®ãªããžã§ã¯ããé©åã«åŠçããªãå Žåã«ãç¹æš©ææ Œã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãææ Œãããã³ã³ããã¹ãã§ããã»ã¹ãå®è¡ã§ããå¯èœæ§ããããŸããx64 ããŒã¹ã®ã·ã¹ãã ã« Windows 7 以éãã€ã³ã¹ããŒã«ãããŠããå Žåããã®è匱æ§ã«ãã£ãŠãµãŒãã¹æåŠãèµ·ããå¯èœæ§ããããŸãããã®è匱æ§ãæªçšããã«ã¯ãæ»æè
ã¯åœ±é¿ãåããã·ã¹ãã ã«ãã°ãªã³ããããããŒã«ã«ã§èªèšŒããããŠãŒã¶ãŒã«ãç¹å¥ã«äœæãããã¢ããªã±ãŒã·ã§ã³ãå®è¡ãããå¿
èŠããããŸãã
Windows ã«ãŒãã«ã®ç¹æš©ææ Œã®è匱æ§ïŒCVE-2017-0244ïŒMS ã®æ·±å»åºŠ: éèŠ
Windows ã«ãŒãã«ãã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçããæ¹æ³ã«ãç¹æš©ææ Œã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãææ Œããç¹æš©ã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããx64 ããŒã¹ã®ã·ã¹ãã ã« Windows 7 以éãã€ã³ã¹ããŒã«ãããŠããå Žåããã®è匱æ§ã«ãã£ãŠãµãŒãã¹æåŠãèµ·ããå¯èœæ§ããããŸãããã®è匱æ§ãæªçšããã«ã¯ãæ»æè
ã¯åœ±é¿ãåããã·ã¹ãã ã«ãã°ãªã³ããããããŒã«ã«ã§èªèšŒããããŠãŒã¶ãŒã«ãç¹å¥ã«äœæãããã¢ããªã±ãŒã·ã§ã³ãå®è¡ãããå¿
èŠããããŸãã
Windows ã«ãŒãã«ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0175ïŒMS ã®æ·±å»åºŠ: éèŠ
Windows ã«ãŒãã«ãã¡ã¢ãªå
ã®ãªããžã§ã¯ããæ£ããåŠçããªãå Žåã«ãæ
å ±æŒããã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšããŠãŒã¶ãŒã®ã³ã³ãã¥ãŒã¿ãããã«äŸµå®³ããæ
å ±ãæ»æè
ã«æäŸãããå¯èœæ§ããããŸããèªèšŒãããæ»æè
ã¯ãç¹å¥ã«çŽ°å·¥ããã¢ããªã±ãŒã·ã§ã³ãå®è¡ããŠãã®è匱æ§ãæªçšããå¯èœæ§ããããŸãã
Windows ã«ãŒãã«ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0220ïŒMS ã®æ·±å»åºŠ: éèŠ
Windows ã«ãŒãã«ãã¡ã¢ãªå
ã®ãªããžã§ã¯ããæ£ããåŠçããªãå Žåã«ãæ
å ±æŒããã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšããŠãŒã¶ãŒã®ã³ã³ãã¥ãŒã¿ãããã«äŸµå®³ããæ
å ±ãæ»æè
ã«æäŸãããå¯èœæ§ããããŸããèªèšŒãããæ»æè
ã¯ãç¹å¥ã«çŽ°å·¥ããã¢ããªã±ãŒã·ã§ã³ãå®è¡ããŠãã®è匱æ§ãæªçšããå¯èœæ§ããããŸãã
Windows ã«ãŒãã«ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0258ïŒMS ã®æ·±å»åºŠ: éèŠ
Windows ã«ãŒãã«ãã¡ã¢ãªå
ã®ãªããžã§ã¯ããæ£ããåŠçããªãå Žåã«ãæ
å ±æŒããã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšããŠãŒã¶ãŒã®ã³ã³ãã¥ãŒã¿ãããã«äŸµå®³ããæ
å ±ãæ»æè
ã«æäŸãããå¯èœæ§ããããŸããèªèšŒãããæ»æè
ã¯ãç¹å¥ã«çŽ°å·¥ããã¢ããªã±ãŒã·ã§ã³ãå®è¡ããŠãã®è匱æ§ãæªçšããå¯èœæ§ããããŸãã
Windows ã«ãŒãã«ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0259ïŒMS ã®æ·±å»åºŠ: éèŠ
Windows ã«ãŒãã«ãã¡ã¢ãªå
ã®ãªããžã§ã¯ããæ£ããåŠçããªãå Žåã«ãæ
å ±æŒããã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšããŠãŒã¶ãŒã®ã³ã³ãã¥ãŒã¿ãããã«äŸµå®³ããæ
å ±ãæ»æè
ã«æäŸãããå¯èœæ§ããããŸããèªèšŒãããæ»æè
ã¯ãç¹å¥ã«çŽ°å·¥ããã¢ããªã±ãŒã·ã§ã³ãå®è¡ããŠãã®è匱æ§ãæªçšããå¯èœæ§ããããŸãã
Dxgkrnl.sys ã®ç¹æš©ææ Œã®è匱æ§ïŒCVE-2017-0077ïŒMS ã®æ·±å»åºŠ: éèŠ
Windows ãã¡ã¢ãªå
ã®ãªããžã§ã¯ããæ£ããåŠçããªãå Žåã«ãç¹æš©ææ Œã®è匱æ§ãååšããŸããããŒã«ã«æ»æã®ã·ããªãªã§ã¯ãæ»æè
ã¯ç¹å¥ã«çŽ°å·¥ããã¢ããªã±ãŒã·ã§ã³ãå®è¡ãã圱é¿ãåããã·ã¹ãã ãå¶åŸ¡ããããšã§ããã®è匱æ§ãæªçšããå¯èœæ§ããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãææ Œãããã³ã³ããã¹ãã§ããã»ã¹ãå®è¡ãããå¯èœæ§ããããŸãã
Win32k ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0245ïŒMS ã®æ·±å»åºŠ: éèŠ
win32k ã³ã³ããŒãã³ããã«ãŒãã«æ
å ±ãé©åã«æäŸããªããšãã«ãæ
å ±æŒããã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšããŠãŒã¶ãŒã®ã³ã³ãã¥ãŒã¿ãããã«äŸµå®³ããæ
å ±ãæ»æè
ã«æäŸãããå¯èœæ§ããããŸãããã®è匱æ§ãæªçšããã«ã¯ãæ»æè
ã¯åœ±é¿ãåããã·ã¹ãã ã«ãã°ãªã³ããããããŒã«ã«ã§èªèšŒããããŠãŒã¶ãŒã«ãç¹å¥ã«äœæãããã¢ããªã±ãŒã·ã§ã³ãå®è¡ãããå¿
èŠããããŸãã
Win32k ã®ç¹æš©ææ Œã®è匱æ§ïŒCVE-2017-0263ïŒMS ã®æ·±å»åºŠ: éèŠ
Windows ã«ãŒãã«ã¢ãŒããã©ã€ããã¡ã¢ãªå
ã®ãªããžã§ã¯ããæ£ããåŠçããªãå Žåã«ãç¹æš©ææ Œã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãã«ãŒãã«ã¢ãŒãã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸããæ»æè
ã¯ãã®åŸãããã°ã©ã ã®ã€ã³ã¹ããŒã«ããããŒã¿ã®è¡šç€ºãå€æŽãåé€ããããã¯å®å
šãªãŠãŒã¶ãŒæš©éãæã€æ°ããã¢ã«ãŠã³ãã®äœæãå¯èœã«ãªãå ŽåããããŸãããã®è匱æ§ã®æªçšã«ã¯ãæ»æè
ã¯ãŸãã·ã¹ãã ã«ãã°ãªã³ããå¿
èŠããããŸããæ»æè
ã¯æ¬¡ã«ãç¹å¥ã«çŽ°å·¥ãããã¢ããªã±ãŒã·ã§ã³ã䜿ã£ãŠãã®è匱æ§ãæªçšãã圱é¿ãåããã·ã¹ãã ãå¶åŸ¡ã§ããå¯èœæ§ããããŸãã
Windows DNS ãµãŒããŒã®ãµãŒãã¹æåŠã®è匱æ§ïŒCVE-2017-0171ïŒMS ã®æ·±å»åºŠ: éèŠ
ããŒãžã§ã³ã¯ãšãªãŒã«å¿çããããèšå®ãããŠããå ŽåãWindows DNS ãµãŒããŒã«ãµãŒãã¹æåŠã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãDNS ãµãŒããŒãå¿çãåæ¢ããå¯èœæ§ããããŸããæ»æè
ããæªè³ªãª DNS ã¯ãšãªãŒãéä¿¡ããããšã«ãã£ãŠãã®è匱æ§ãæªçšãããšããµãŒãã¹æåŠãçºçããå¯èœæ§ããããŸãã
Windows COM ã®ç¹æš©ææ Œã®è匱æ§ïŒCVE-2017-0213ïŒMS ã®æ·±å»åºŠ: éèŠ
Windows COM Aggregate Marshaler ã«ç¹æš©ææ ŒãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãææ Œããç¹æš©ã§ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸãããã®è匱æ§ãæªçšããããã«ãæ»æè
ã¯ãã®è匱æ§ãæªçšã§ããããç¹å¥ã«çŽ°å·¥ãããã¢ããªã±ãŒã·ã§ã³ãå®è¡ããå¯èœæ§ããããŸãããã®è匱æ§èªäœãå©çšããŠãä»»æã®ã³ãŒããå®è¡ããããšã¯ã§ããŸããããããããã®è匱æ§ã 1 ã€ãŸãã¯è€æ°ã®è匱æ§ïŒãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ããç¹æš©ææ Œã®è匱æ§ãªã©ïŒãšçµã¿åãããŠæªçšããããšãå®è¡æã«ææ Œãããç¹æš©ãæªçšãããå¯èœæ§ããããŸãã
Windows COM ã®ç¹æš©ææ Œã®è匱æ§ïŒCVE-2017-0214ïŒMS ã®æ·±å»åºŠ: éèŠ
Windows ãã¿ã€ãã©ã€ãã©ãªãèªã¿èŸŒãåã«å
¥åãé©åã«æ€èšŒããªãå Žåã«ãç¹æš©ææ Œã®è匱æ§ãååšããŸããæ»æè
ã¯ããã®è匱æ§ãå©çšããŠç¹æš©ã¬ãã«ãææ Œã§ããå¯èœæ§ããããŸãããã®è匱æ§ãæªçšããã«ã¯ãæ»æè
ã¯ãŸãããŒã«ã«ã·ã¹ãã ã«ã¢ã¯ã»ã¹ããæªè³ªãªã¢ããªã±ãŒã·ã§ã³ãå®è¡ã§ããããã«ãªãå¿
èŠããããŸãã
Windows GDI ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0190ïŒMS ã®æ·±å»åºŠ: éèŠ
Windows Graphics Device InterfaceïŒGDIïŒãã¡ã¢ãªå
ã®ãªããžã§ã¯ããåŠçããæ¹æ³ã«æ
å ±æŒããã®è匱æ§ãååšããæ»æè
ãæšçãšããã·ã¹ãã ããæ
å ±ãååŸã§ããããã«ãªããŸããæ
å ±æŒããèªäœã«ãã£ãŠãä»»æã®ã³ãŒããå®è¡ãããããšã¯ãããŸããããæ»æè
ããå¥ã®è匱æ§ãšçµã¿åãããŠäœ¿ã£ãå Žåã«ã¯ä»»æã®ã³ãŒããå®è¡ã§ããå ŽåããããŸãããã®è匱æ§ãæªçšããã«ã¯ãæ»æè
ã¯åœ±é¿ãåããã·ã¹ãã ã«ãã°ãªã³ããŠãç¹å¥ã«çŽ°å·¥ãããã¢ããªã±ãŒã·ã§ã³ãå®è¡ããå¿
èŠããããŸãã
Microsoft ActiveX ã®æ
å ±æŒããã®è匱æ§ïŒCVE-2017-0242ïŒMS ã®æ·±å»åºŠ: éèŠ
äžéšã® ActiveX ãªããžã§ã¯ããã€ã³ã¹ã¿ã³ã¹åãããæ¹æ³ã«ãæ
å ±æŒããã®è匱æ§ãååšããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãä¿è·ãããŠããã¡ã¢ãªã®å
容ã«ã¢ã¯ã»ã¹ã§ããå¯èœæ§ããããŸãããã®è匱æ§ãæªçšããã«ã¯ãæ»æè
ã¯æªè³ªãªææžããŠãŒã¶ãŒã«éãããè匱ãªãªããžã§ã¯ããã€ã³ã¹ã¿ã³ã¹åãããå¿
èŠããããŸãã
Microsoft Malware Protection Engine ã®ãªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ïŒCVE-2017-0290ïŒMS ã®æ·±å»åºŠ: ç·æ¥
ç¹å¥ã«çŽ°å·¥ããããã¡ã€ã«ã Microsoft Malware Protection Engine ãé©åã«ã¹ãã£ã³ããªãå Žåã«ããªã¢ãŒãã³ãŒãå®è¡ã®è匱æ§ãååšãããããã¡ã¢ãªç Žæã«ã€ãªããå¯èœæ§ããããŸããæ»æè
ããã®è匱æ§ã®æªçšã«æåãããšãLocalSystem ã¢ã«ãŠã³ãã®ã»ãã¥ãªãã£ã³ã³ããã¹ãã§ä»»æã®ã³ãŒããå®è¡ããã·ã¹ãã ãå¶åŸ¡ããå¯èœæ§ããããŸãã