-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


                                                         JPCERT-WR-2017-2701
                                                                   JPCERT/CC
                                                                  2017-07-20

            <<< JPCERT/CC WEEKLY REPORT 2017-07-20 >>>

$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B
$B"#(B07/09($BF|(B)$B!A(B07/15($BEZ(B) $B$N%;%-%e%j%F%#4XO">pJs(B
$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B

== $BL\(B  $B<!(B ==================================================================

$B!Z(B1$B![J#?t$N(B Microsoft $B@=IJ$K@H<e@-(B
$B!Z(B2$B![J#?t$N(B Adobe $B@=IJ$K@H<e@-(B
$B!Z(B3$B![(BApache Struts 2 $B$N(B Struts 1 $B%W%i%0%$%s$r;HMQ$9$k%"%W%j%1!<%7%g%s$KG$0U$N%3!<%I$,<B9T2DG=$J@H<e@-(B
$B!Z(B4$B![(BApache HTTP Web Server $B$KJ#?t$N@H<e@-(B
$B!Z(B5$B![(BSamba $B$KG'>Z2sHr$N@H<e@-(B
$B!Z(B6$B![(BCisco IOS $B$*$h$S(B Cisco IOS XE $B%=%U%H%&%'%"$K%P%C%U%!%*!<%P!<%U%m!<$N@H<e@-(B
$B!Z(B7$B![(BScreenOS $B$KJ#?t$N%/%m%9%5%$%H%9%/%j%W%F%#%s%0$N@H<e@-(B
$B!Z(B8$B![(BDahua $B@=%M%C%H%o!<%/%+%a%i$KJ#?t$N@H<e@-(B
$B!Z(B9$B![(BHikvision $B@=%M%C%H%o!<%/%+%a%i$KJ#?t$N@H<e@-(B
$B!Z(B10$B![(BAssetView for MacOS $B$N!V%U%!%$%kE>Aw(BWeb$B%5!<%S%9!W$KJ#?t$N@H<e@-(B
$B!Z(B11$B![(BYahoo!$B%D!<%k%P!<(B (Internet explorer $BHG(B) $B$N%$%s%9%H!<%i$KG$0U$N(B DLL $BFI$_9~$_$N@H<e@-(B
$B!Z(B12$B![%"%?%C%7%'%1!<%9$G:n@.$5$l$?<+8J<B9T2DG=7A<0$N0E9f2=%U%!%$%k$K(B DLL $BFI$_9~$_$K4X$9$k@H<e@-(B
$B!Z(B13$B![%U%!%$%k%3%s%Q%/%H$G:n@.$5$l$?<+8J2rE`=q8K%U%!%$%k$K(B DLL $BFI$_9~$_$K4X$9$k@H<e@-(B
$B!Z(B14$B![(BFileCapsule Deluxe Portable $B$*$h$S(B FileCapsule Deluxe Portable $B$G:n@.$5$l$?<+8JI|9f7A<0$N0E9f%U%!%$%k$K(B DLL $BFI$_9~$_$K4X$9$k@H<e@-(B
$B!Z:#=5$N$R$H$/$A%a%b![AmL3>J$,!V%5%$%P!<967b!JI8E*7?967b!KBP:vKI8f%b%G%k$N2r@b!W$r8x3+(B

  $B"(>R2p$9$k%;%-%e%j%F%#4XO">pJs$NA*Dj4p=`$O0J2<$N%Z!<%8$r$4Mw$/$@$5$$!#(B
        https://www.jpcert.or.jp/wr/

  $B"((BHTML $BHG$*$h$S(B XML $BHG$O0J2<$N%Z!<%8$r$4Mw$/$@$5$$!#(B
        https://www.jpcert.or.jp/wr/2017/wr172701.html
        https://www.jpcert.or.jp/wr/2017/wr172701.xml
============================================================================


$B!Z(B1$B![J#?t$N(B Microsoft $B@=IJ$K@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Microsoft Releases July 2017 Security Updates
      https://www.us-cert.gov/ncas/current-activity/2017/07/11/Microsoft-Releases-July-2017-Security-Updates

    $B35MW(B
      $BJ#?t$N(B Microsoft $B@=IJ$K$O!"@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T(B
      $B$,G$0U$N%3!<%I$r<B9T$9$k$J$I$N2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$O<!$N$H$*$j$G$9!#(B

      - Internet Explorer
      - Microsoft Edge
      - Microsoft Windows
      - Microsoft Office and Microsoft Office Services and Web Apps
      - .NET Framework
      - Microsoft Exchange Server

      $B$3$NLdBj$O!"(BMicrosoft Update $BEy$rMQ$$$F!"99?7%W%m%0%i%`$rE,MQ$9$k$3$H(B
      $B$G2r7h$7$^$9!#>\:Y$O!"(BMicrosoft $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      $B%^%$%/%m%=%U%H3t<02q<R(B
      2017 $BG/(B 7 $B7n$N%;%-%e%j%F%#99?7%W%m%0%i%`(B
      https://portal.msrc.microsoft.com/ja-jp/security-guidance/releasenotedetail/f2b16606-4945-e711-80dc-000d3a32fc99

      JPCERT/CC Alert
      2017$BG/(B 7$B7n%^%$%/%m%=%U%H%;%-%e%j%F%#99?7%W%m%0%i%`$K4X$9$kCm0U4-5/(B
      https://www.jpcert.or.jp/at/2017/at170027.html

$B!Z(B2$B![J#?t$N(B Adobe $B@=IJ$K@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Adobe Releases Security Updates
      https://www.us-cert.gov/ncas/current-activity/2017/07/11/Adobe-Releases-Security-Updates

    $B35MW(B
      $BJ#?t$N(B Adobe $B@=IJ$K$O!"@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,G$(B
      $B0U$N%3!<%I$r<B9T$9$k$J$I$N2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$*$h$S%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Adobe Flash Player $B%G%9%/%H%C%W%i%s%?%$%`(B 26.0.0.131 $B$*$h$S$=$l0JA0(B (Windows $BHG!"(BMacintosh $BHG!"(BLinux $BHG(B)
      - Adobe Connect 9.6.1 $B$*$h$S$=$l0JA0(B (Windows $BHG(B)

      $B$3$NLdBj$O!"3:Ev$9$k@=IJ$r(B Adobe $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7(B
      $B$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BAdobe $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      Adobe $B%;%-%e%j%F%#>pJs(B
      Flash Player $BMQ$N%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB17-21
      https://helpx.adobe.com/jp/security/products/flash-player/apsb17-21.html

      Adobe $B%;%-%e%j%F%#>pJs(B
      Adobe Connect $BMQ$N%;%-%e%j%F%#%"%C%W%G!<%H(B | APSB17-22
      https://helpx.adobe.com/jp/security/products/connect/apsb17-22.html

      JPCERT/CC Alert 2017-07-12
      Adobe Flash Player $B$N@H<e@-(B (APSB17-21) $B$K4X$9$kCm0U4-5/(B
      https://www.jpcert.or.jp/at/2017/at170026.html

$B!Z(B3$B![(BApache Struts 2 $B$N(B Struts 1 $B%W%i%0%$%s$r;HMQ$9$k%"%W%j%1!<%7%g%s$KG$0U$N%3!<%I$,<B9T2DG=$J@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVNVU#99376481
      Apache Struts2 $B$N(B Struts1 $B%W%i%0%$%s$r;HMQ$9$k%"%W%j%1!<%7%g%s$KG$0U$N%3!<%I$,<B9T2DG=$J@H<e@-(B
      https://jvn.jp/vu/JVNVU99376481/

    $B35MW(B
      Apache Struts 2 $B$N(B Struts 1 $B%W%i%0%$%s$r;HMQ$9$k%"%W%j%1!<%7%g%s$K$O!"(B
      $B@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,!":Y9)$7$?%j%/%(%9%H$rAw?.(B
      $B$9$k$3$H$G!"G$0U$N%3!<%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Struts 2.3 $B7O$G(B Struts 1 $B%W%i%0%$%s$r;HMQ$7$FF0:n$9$k%"%W%j%1!<%7%g%s(B

      $B3+H/<T$,8x3+$9$k(B S2-048 $B$G$O!"K\@H<e@-$r4^$`%"%W%j%1!<%7%g%s$H$7$F(B Apache
      Struts 2 $B$KIUB0$7$F$$$k%5%s%W%k%"%W%j%1!<%7%g%s(B showcase $B$,5s$2$i$l$F(B
      $B$$$^$9!#(Bshowcase $B$K4X$9$kLdBj$O!"(BApache Struts $B$r(B The Apache Software
      Foundation $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7$9$k$3$H$G2r7h$7$^$9!#(B
      Struts1 $B%W%i%0%$%s$r;HMQ$9$k%"%W%j%1!<%7%g%s$KBP$7$F$O!"(Bshowcase $B%"%W(B
      $B%j%1!<%7%g%s$N=$@5J}K!$r;29M$K!"(BActionMessage $B%/%i%9$rMQ$$$?=hM}$K$*$$(B
      $B$F!"%j%=!<%9%-!<$r;HMQ$9$k$J$IE,@Z$J=hM}$r9T$C$F$/$@$5$$!#>\:Y$O!"(BThe
      Apache Software Foundation $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      JPCERT/CC Alert 2017-07-10
      Apache Struts 2 $B$N@H<e@-(B (S2-048) $B$K4X$9$kCm0U4-5/(B
      https://www.jpcert.or.jp/at/2017/at170025.html

    $B4XO"J8=q(B ($B1Q8l(B)
      The Apache Software Foundation
      Struts 2.3.33
      https://struts.apache.org/download.cgi

      Apache Struts 2 Documentation
      Version Notes 2.3.33
      https://struts.apache.org/docs/version-notes-2333.html

      Apache Struts 2 Documentation
      S2-048
      https://struts.apache.org/docs/s2-048.html

$B!Z(B4$B![(BApache HTTP Web Server $B$KJ#?t$N@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVNVU#92256772
      Apache HTTP Web Server $B$K$*$1$kJ#?t$N@H<e@-$KBP$9$k%"%C%W%G!<%H(B
      https://jvn.jp/vu/JVNVU92256772/

    $B35MW(B
      Apache HTTP Web Server $B$K$O!"J#?t$N@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V(B
      $B$NBh;0<T$,!">pJs$r<hF@$7$?$j!"%5!<%S%91?MQK832(B (DoS) $B967b$r9T$C$?$j$9(B
      $B$k$J$I$N2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Apache HTTP Web Server 2.2.33 $B$*$h$S$=$l0JA0(B
      - Apache HTTP Web Server 2.4.26 $B$*$h$S$=$l0JA0(B

      $B$3$NLdBj$O!"(BApache HTTP Web Server $B$r(B The Apache Software Foundation
      $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BThe
      Apache Software Foundation $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      The Apache Software Foundation
      Fixed in Apache httpd 2.2.34
      http://httpd.apache.org/security/vulnerabilities_22.html#2.2.34

      The Apache Software Foundation
      Fixed in Apache httpd 2.4.27
      http://httpd.apache.org/security/vulnerabilities_24.html#2.4.27

$B!Z(B5$B![(BSamba $B$KG'>Z2sHr$N@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Samba Releases Security Updates
      https://www.us-cert.gov/ncas/current-activity/2017/07/12/Samba-Releases-Security-Updates

    $B35MW(B
      Samba $B$K$O!"G'>Z2sHr$N@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,!"Cf(B
      $B4V<T967b$r9T$&$3$H$K$h$C$F!"G$0U$NA`:n$r9T$&2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Samba 4.0.0 $B0J9_(B

      $B$3$NLdBj$O!"(BSamba $B$r(B The Samba Team $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99(B
      $B?7$9$k$+!"%Q%C%A$rE,MQ$9$k$3$H$G2r7h$7$^$9!#$^$?!"<!$N2sHr:v$rE,MQ$9$k(B
      $B$3$H$G!"K\@H<e@-$N1F6A$r7Z8:$9$k$3$H$,2DG=$G$9!#(B

      - MIT Kerberos $B$r;HMQ$9$k@_Dj$G%3%s%Q%$%k$7$?(B Samba $B$r;HMQ$9$k(B

      $B>\:Y$O!"(BThe Samba Team $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      The Samba Team
      Orpheus' Lyre mutual authentication validation bypass
      https://www.samba.org/samba/security/CVE-2017-11103.html

$B!Z(B6$B![(BCisco IOS $B$*$h$S(B Cisco IOS XE $B%=%U%H%&%'%"$K%P%C%U%!%*!<%P!<%U%m!<$N@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Cisco Releases Security Updates
      https://www.us-cert.gov/ncas/current-activity/2017/07/13/Cisco-Releases-Security-Updates

    $B35MW(B
      Cisco IOS $B$*$h$S(B Cisco IOS XE $B%=%U%H%&%'%"$K$O!"%P%C%U%!%*!<%P!<%U%m!<(B
      $B$N@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,G$0U$N%3!<%I$r<B9T$9$k$J(B
      $B$I$N2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$O<!$N$H$*$j$G$9!#(B

      - Cisco IOS $B%=%U%H%&%'%"(B
      - Cisco IOS XE $B%=%U%H%&%'%"(B

      $B$3$NLdBj$O!"3:Ev$9$k@=IJ$r(B Cisco $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7(B
      $B$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BCisco $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      Cisco Security Advisory
      SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software
      https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170629-snmp

$B!Z(B7$B![(BScreenOS $B$KJ#?t$N%/%m%9%5%$%H%9%/%j%W%F%#%s%0$N@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Juniper Releases ScreenOS Security Update
      https://www.us-cert.gov/ncas/current-activity/2017/07/13/Juniper-Releases-ScreenOS-Security-Update

    $B35MW(B
      ScreenOS $B$K$O!"J#?t$N%/%m%9%5%$%H%9%/%j%W%F%#%s%0$N@H<e@-$,$"$j$^$9!#(B
      $B7k2L$H$7$F!"1s3V$NBh;0<T$,!"4IM}<T8"8B$GG$0U$N%9%/%j%W%H$r<B9T$9$k2DG=(B
      $B@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - ScreenOS 6.3.0r24 $B$h$jA0$N%P!<%8%g%s(B

      $B$3$NLdBj$O!"(BScreenOS $B$r(B Juniper $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7$9(B
      $B$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BJuniper $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      Juniper
      2017-07 Security Bulletin: ScreenOS: Multiple XSS vulnerabilities in ScreenOS Firewall
      https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10782

$B!Z(B8$B![(BDahua $B@=%M%C%H%o!<%/%+%a%i$KJ#?t$N@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVNVU#98841854
      Dahua $B@=%M%C%H%o!<%/%+%a%i$KJ#?t$N@H<e@-(B
      https://jvn.jp/vu/JVNVU98841854/

    $B35MW(B
      Dahua $B@=%M%C%H%o!<%/%+%a%i$K$O!"J#?t$N@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s(B
      $B3V$NBh;0<T$,G$0U$NA`:n$r9T$&2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$O<!$N$H$*$j$G$9!#(B

      - Dahua $B@=%M%C%H%o!<%/%+%a%i(B

      $B$3$NLdBj$O!"3:Ev$9$k@=IJ$r(B Dahua Technology Co., Ltd $B$,Ds6!$9$k=$@5:Q(B
      $B$_$N%P!<%8%g%s$K99?7$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BDahua Technology Co.,
      Ltd $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      Dahua Technology
      March 6, 2017 Security Bulletin: Cyber Vulnerability Affecting Certain Dahua IP Cameras and Recorders
      https://us.dahuasecurity.com/en/us/Security-Bulletin_030617.php

$B!Z(B9$B![(BHikvision $B@=%M%C%H%o!<%/%+%a%i$KJ#?t$N@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVNVU#92379282
      Hikvision $B@=%M%C%H%o!<%/%+%a%i$KJ#?t$N@H<e@-(B
      https://jvn.jp/vu/JVNVU92379282/

    $B35MW(B
      Hikvision $B@=%M%C%H%o!<%/%+%a%i$K$O!"J#?t$N@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"(B
      $B1s3V$NBh;0<T$,G$0U$NA`:n$r9T$&2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$O<!$N$H$*$j$G$9!#(B

      - Hikvision $B@=%M%C%H%o!<%/%+%a%i(B

      $B$3$NLdBj$O!"3:Ev$9$k@=IJ$r(B Hikvision $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K(B
      $B99?7$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BHikvision $B$,Ds6!$9$k>pJs$r;2>H$7$F$/(B
      $B$@$5$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      Hikvision
      Security Notification: Privilege-Escalating Vulnerability in Certain Hikvision IP Cameras
      http://www.hikvision.com/us/about_10805.html

      Hikvision
      Privilege-Escalating  Vulnerability Notice
      http://www.hikvision.com/us/about_10807.html

$B!Z(B10$B![(BAssetView for MacOS $B$N!V%U%!%$%kE>Aw(BWeb$B%5!<%S%9!W$KJ#?t$N@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVNVU#93377948
      AssetView for MacOS $B$N!V%U%!%$%kE>Aw(BWeb$B%5!<%S%9!W$KJ#?t$N@H<e@-(B
      https://jvn.jp/vu/JVNVU93377948/

    $B35MW(B
      AssetView for MacOS $B$N!V%U%!%$%kE>Aw(BWeb$B%5!<%S%9!W$K$O!"J#?t$N@H<e@-$,(B
      $B$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,!"G$0U$N(B SQL $BJ8$r<B9T$7$?$j!"G$0U(B
      $B$N%U%!%$%k$r<hF@$7$?$j$9$k2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - AssetView for MacOS Ver.9.2.0 $B$*$h$S$=$l0JA0(B

      $B$3$NLdBj$O!"(BAssetView for MacOS $B$K3t<02q<R%O%s%b%C%/$,Ds6!$9$k%Q%C%A$r(B
      $BE,MQ$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"3t<02q<R%O%s%b%C%/$,Ds6!$9$k>pJs$r;2(B
      $B>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      AssetView $B%;%-%e%j%F%#>pJs(B
      JVNVU#93377948 : AssetView for MacOS $B%5!<%P!<$K(B2$B7o$N@H<e@-(B
      https://www.hammock.jp/assetview/info/170714.html

$B!Z(B11$B![(BYahoo!$B%D!<%k%P!<(B (Internet explorer $BHG(B) $B$N%$%s%9%H!<%i$KG$0U$N(B DLL $BFI$_9~$_$N@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVN#02852421
      Yahoo!$B%D!<%k%P!<(B (Internet explorer $BHG(B) $B$N%$%s%9%H!<%i$K$*$1$kG$0U$N(B DLL $BFI$_9~$_$N@H<e@-(B
      https://jvn.jp/jp/JVN02852421/

    $B35MW(B
      Yahoo!$B%D!<%k%P!<(B (Internet explorer $BHG(B) $B$N%$%s%9%H!<%i$K$O!"(BDLL $BFI$_9~(B
      $B$_$K4X$9$k@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"Bh;0<T$,G$0U$N%3!<%I$r<B9T$9$k(B
      $B2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Yahoo!$B%D!<%k%P!<(B (Internet explorer $BHG(B) v8.0.0.6 $B$*$h$S$=$l0JA0$N%$%s%9%H!<%i(B ($B%G%8%?%k=pL>$N%?%$%`%9%?%s%W$,(B 2017$BG/(B6$B7n(B13$BF|(B 18:18:55 $B$h$jA0$NHG(B)

      $B$3$NLdBj$O!"%d%U!<3t<02q<R$,Ds6!$9$k:G?7$N%$%s%9%H!<%i$G$O2r7h$7$F$$$^(B
      $B$9!#$J$*!"$9$G$K3:Ev$9$k@=IJ$r%$%s%9%H!<%k$7$F$$$k>l9g$K$O!"$3$NLdBj$N(B
      $B1F6A$O$"$j$^$;$s!#>\:Y$O!"%d%U!<3t<02q<R$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5(B
      $B$$!#(B

$B!Z(B12$B![%"%?%C%7%'%1!<%9$G:n@.$5$l$?<+8J<B9T2DG=7A<0$N0E9f2=%U%!%$%k$K(B DLL $BFI$_9~$_$K4X$9$k@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVN#61502349
      $B%"%?%C%7%'%1!<%9$G:n@.$5$l$?<+8J<B9T2DG=7A<0$N0E9f2=%U%!%$%k$K$*$1$k(B DLL $BFI$_9~$_$K4X$9$k@H<e@-(B
      https://jvn.jp/jp/JVN61502349/

    $B35MW(B
      $B%"%?%C%7%'%1!<%9$G:n@.$5$l$?<+8J<B9T2DG=7A<0$N0E9f2=%U%!%$%k$K$O!"(BDLL
      $BFI$_9~$_$K4X$9$k@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"Bh;0<T$,G$0U$N%3!<%I$r<B(B
      $B9T$9$k2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - $B%"%?%C%7%'%1!<%9(B ver.2.8.3.0 $B$*$h$S$=$l0JA0(B
      - $B%"%?%C%7%'%1!<%9(B ver.3.2.2.6 $B$*$h$S$=$l0JA0(B

      2017$BG/(B7$B7n(B19$BF|8=:_!"BP:v:Q$_$N%P!<%8%g%s$O8x3+$5$l$F$$$^$;$s!#<!$N2sHr(B
      $B:v$rE,MQ$9$k$3$H$G!"K\@H<e@-$N1F6A$r7Z8:$9$k$3$H$,2DG=$G$9!#(B

      - $B<+8J<B9T2DG=7A<0$N0E9f2=%U%!%$%k$O?7$?$K:n@.$7$?%G%#%l%/%H%j$KJ]B8$7!"B>$NL54X78$J%U%!%$%k$,B8:_$7$J$$>uBV$G<B9T$9$k(B
      - $B<+8J<B9T2DG=7A<0$N0E9f2=%U%!%$%k$r<B9T$9$k:]!"F10l%G%#%l%/%H%jFb$KIT?3$J%U%!%$%k$,B8:_$7$J$$$3$H$r3NG'$9$k(B
      - $B<+8J<B9T2DG=7A<0$N0E9f2=%U%!%$%k$r6&M-%G%#%l%/%H%j$KCV$-!"<B9T$5$;$k$h$&$J1?MQ$r9T$C$F$$$k>l9g$O!"Ev3:%G%#%l%/%H%j$rFI$_<h$j@lMQ$K$9$k(B
      - $B<+8J<B9T2DG=7A<0$N0E9f2=%U%!%$%k$O4IM}<T8"8B$r;}$?$J$$I8=`%f!<%6%"%+%&%s%H$GA`:n$9$k$3$H$r86B'$H$7!"I,MW$J$H$-$N$_4IM}<T%"%+%&%s%H$GA`:n$9$k(B

      $B>\:Y$O!"(BHiBARA Software $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      HiBARA Software
      2017/07/13 - $B<+8J<B9T7A<0%U%!%$%k$K$*$1$kG$0U$N(BDLL$BFI$_9~$_!J(BDLL$B%O%$%8%c%C%/!"(BDLL$B%W%j%m!<%I!K(B
      https://hibara.org/software/attachecase/vulnerability/

$B!Z(B13$B![%U%!%$%k%3%s%Q%/%H$G:n@.$5$l$?<+8J2rE`=q8K%U%!%$%k$K(B DLL $BFI$_9~$_$K4X$9$k@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVN#29939155
      $B%U%!%$%k%3%s%Q%/%H$G:n@.$5$l$?<+8J2rE`=q8K%U%!%$%k$K$*$1$k(B DLL $BFI$_9~$_$K4X$9$k@H<e@-(B
      https://jvn.jp/jp/JVN29939155/

    $B35MW(B
      $B%U%!%$%k%3%s%Q%/%H$G:n@.$5$l$?<+8J2rE`=q8K%U%!%$%k$K$O!"(BDLL $BFI$_9~$_$K(B
      $B4X$9$k@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"Bh;0<T$,G$0U$N%3!<%I$r<B9T$9$k2DG=(B
      $B@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - $B%U%!%$%k%3%s%Q%/%H(B Ver.5 $B%P!<%8%g%s(B 5.09 $B$*$h$S$=$l0JA0(B
      - $B%U%!%$%k%3%s%Q%/%H(B Ver.6 $B%P!<%8%g%s(B 6.01 $B$*$h$S$=$l0JA0(B
      - $B%U%!%$%k%3%s%Q%/%H(B Ver.7 $B%P!<%8%g%s(B 7.01 $B$*$h$S$=$l0JA0(B

      $B$3$NLdBj$O!"%U%!%$%k%3%s%Q%/%H$r%=!<%9%M%/%9%H3t<02q<R$,Ds6!$9$k=$@5:Q(B
      $B$_$N%P!<%8%g%s$K99?7$7!"<+8J2rE`=q8K%U%!%$%k$r:n@.$7$J$*$9$3$H$G2r7h$7(B
      $B$^$9!#>\:Y$O!"%=!<%9%M%/%9%H3t<02q<R$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      $B%=!<%9%M%/%9%H3t<02q<R(B
      $B%U%!%$%k%3%s%Q%/%H$G:n@.$5$l$?<+8J2rE`=q8K$N@H<e@-$H=$@540N;$N$*CN$i$;!J(B2017/7/7$B!K(B
      https://www.sourcenext.com/support/i/20170704_01

$B!Z(B14$B![(BFileCapsule Deluxe Portable $B$*$h$S(B FileCapsule Deluxe Portable $B$G:n@.$5$l$?<+8JI|9f7A<0$N0E9f%U%!%$%k$K(B DLL $BFI$_9~$_$K4X$9$k@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVN#42031953
      FileCapsule Deluxe Portable $B$*$h$S(B FileCapsule Deluxe Portable $B$G:n@.$5$l$?<+8JI|9f7A<0$N0E9f%U%!%$%k$K$*$1$k(B DLL $BFI$_9~$_$K4X$9$k@H<e@-(B
      https://jvn.jp/jp/JVN42031953/

    $B35MW(B
      FileCapsule Deluxe Portable $B$*$h$S(B FileCapsule Deluxe Portable $B$G:n@.(B
      $B$5$l$?<+8JI|9f7A<0$N0E9f%U%!%$%k$K$O!"(BDLL $BFI$_9~$_$K4X$9$k@H<e@-$,$"$j(B
      $B$^$9!#7k2L$H$7$F!"Bh;0<T$,G$0U$N%3!<%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - FileCapsule Deluxe Portable Ver.1.0.4.1 $B$*$h$S$=$l0JA0(B
      - FileCapsule Deluxe Portable Ver.1.0.5.1 $B$*$h$S$=$l0JA0(B
      - FileCapsule Deluxe Portable Ver.2.0.9 $B$*$h$S$=$l0JA0(B
      - FileCapsule Deluxe Portable Ver.1.0.4.1 $B$*$h$S$=$l0JA0$r;HMQ$7$F:n@.$5$l$?<+8JI|9f7A<0$N0E9f%U%!%$%k(B
      - FileCapsule Deluxe Portable Ver.1.0.5.1 $B$*$h$S$=$l0JA0$r;HMQ$7$F:n@.$5$l$?<+8JI|9f7A<0$N0E9f%U%!%$%k(B
      - FileCapsule Deluxe Portable Ver.2.0.9 $B$*$h$S$=$l0JA0$r;HMQ$7$F:n@.$5$l$?<+8JI|9f7A<0$N0E9f%U%!%$%k(B

      $B$3$NLdBj$O!"(BFileCapsule Deluxe Portable $B$r3+H/<T$,Ds6!$9$k=$@5:Q$_$N%P!<(B
      $B%8%g%s$K99?7$7!"<+8JI|9f7A<0$N0E9f%U%!%$%k$r:n@.$7$J$*$9$3$H$G2r7h$7$^(B
      $B$9!#>\:Y$O!"3+H/<T$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      ON ERROR RESUME NEXT $B%V%m%0(B
      $B!Z=EMW$J$*CN$i$;![(BFileCapsule Deluxe Portable$B$N@H<e@-$K$D$$$F(B / [Important Notice] About FileCapsule Deluxe Portable Vulnerability
      http://resumenext.blog.fc2.com/blog-entry-30.html


$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B
$B"#:#=5$N$R$H$/$A%a%b(B
$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B

$B!{AmL3>J$,!V%5%$%P!<967b!JI8E*7?967b!KBP:vKI8f%b%G%k$N2r@b!W$r8x3+(B

      2017$BG/(B7$B7n(B10$BF|!"AmL3>J$O!"418xD#$dL14V4k6H$J$I$K?d>)$5$l$kI8E*7?967b$X(B
      $B$NBP:v$K$D$$$F2r@b$7$?!V%5%$%P!<967b!JI8E*7?967b!KBP:vKI8f%b%G%k$N2r@b!W(B
      $B$r8x3+$7$^$7$?!#$3$N%I%-%e%a%s%H$O!"%$%s%7%G%s%H%l%9%]%s%9$N7W2h$H<B9T(B
      $B$K$D$$$F2r@b$7$?!V?M!&AH?%BP:v!W$H!";vA0BP:v!&8!CN!&;v8eBP:v$r2r@b$7$?(B
      $B!V5;=QE*BP:v!W$+$i9=@.$5$l$F$$$^$9!#(B

    $B;29MJ88%(B ($BF|K\8l(B)
      $BAmL3>J(B
      $B!V%5%$%P!<967b!JI8E*7?967b!KBP:vKI8f%b%G%k$N2r@b!W$N8xI=(B
      http://www.soumu.go.jp/menu_news/s-news/01ryutsu03_02000125.html

      $BAmL3>J(B
      $B%5%$%P!<967b!JI8E*7?967b!KBP:vKI8f%b%G%k$N2r@b(B
      http://www.soumu.go.jp/main_content/000495298.pdf


$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B
$B"#(BJPCERT/CC $B$+$i$N$*4j$$(B
$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B

$B!~K\%l%]!<%H$K4X$9$k$*Ld$$9g$o$;$O(B editor@jpcert.or.jp $B08$K$*4j$$CW$7$^(B
  $B$9!#$?$@$7!"(BJPCERT/CC $B$G$O!"Ds6!$9$k>pJs$K$D$$$F6qBNE*$JFbMF$=$N$b$N$K(B
  $B$D$$$F$N$4<ALd$K$O$*Ez$($G$-$J$$>l9g$b$"$j$^$9!#$^$?%P%C%/%J%s%P!<$O!"(B
  $B0J2<$N(B URL $B$+$i$4MxMQ$$$?$@$1$^$9!#(B

        https://www.jpcert.or.jp/wr/

$B!~K\%a!<%j%s%0%j%9%H$N9XFI?=9~$d9XFIDd;_!"$^$?EPO?$7$?EE;R%a!<%k%"%I%l%9(B
  $B$NJQ99$J$I$K$D$-$^$7$F$O!"0J2<$N(B URL $B$r;2>H$7$F$/$@$5$$!#(B

        https://www.jpcert.or.jp/announce.html

$B!~(BJPCERT/CC $B$X$N%;%-%e%j%F%#%$%s%7%G%s%H$NJs9pJ}K!$K$D$$$F$O0J2<$N(B URL
  $B$r;2>H$7$F$/$@$5$$!#(B

        https://www.jpcert.or.jp/form/

$B0J>e!#(B
__________

2017 (C) JPCERT/CC
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCAAGBQJZb/x6AAoJEDF9l6Rp7OBIz24H/0ZobNGrl7j5dcaAC3XTCtzH
v4LvWyRwMy0b8dG0yVrKQKLw7xwXxNSB2KbjdVoi/jjumRUWWIg5XUKw64pd3kpE
NyqJwgx4hfQPN7SI/0ECJ5ETVWn7zDeFLpLmYvG2w22pvOjSblBcVa6Weg+IJeNw
Qif4++pYCg9Xsax8Jtr0hqaR4odwJEmGeWPWESQgX1IKkttAhMO0OvvxJEEo+ghR
DChO6AQuQT8cz18AWMiLg3HYAMeKw2nwTFTUNfq0xgPO5kwv+WxiOsJySIEjbPFo
0NMAS3b78zEEShuy3wMJ3wLtZWr6vdED6WxFVmPZDDUIsqgFx9eue2my3Ayjkdw=
=vfWc
-----END PGP SIGNATURE-----