-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


                                                         JPCERT-WR-2017-3601
                                                                   JPCERT/CC
                                                                  2017-09-21

            <<< JPCERT/CC WEEKLY REPORT 2017-09-21 >>>

$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B
$B"#(B09/10($BF|(B)$B!A(B09/16($BEZ(B) $B$N%;%-%e%j%F%#4XO">pJs(B
$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B

== $BL\(B  $B<!(B ==================================================================

$B!Z(B1$B![J#?t$N(B Microsoft $B@=IJ$K@H<e@-(B
$B!Z(B2$B![J#?t$N(B Adobe $B@=IJ$K@H<e@-(B
$B!Z(B3$B![J#?t$N(B Bluetooth $B<BAu$K@H<e@-(B
$B!Z(B4$B![(BWi-Fi STATION L-02F $B$KJ#?t$N@H<e@-(B
$B!Z(B5$B![J#?t$N(B VMware $B@=IJ$K@H<e@-(B
$B!Z(B6$B![(BRuby $B$KJ#?t$N@H<e@-(B
$B!Z(B7$B![!V(BApache Struts2 $B$KJ#?t$N@H<e@-!W$K4X$9$kDI2C>pJs(B
$B!Z(B8$B![(BSEIL $B%7%j!<%:%k!<%?$K%5!<%S%91?MQK832(B (DoS) $B$N@H<e@-(B
$B!Z(B9$B![(Bi-$B%U%#%k%?!<(B 6.0 $B$N%$%s%9%H!<%k(B $B%W%m%0%i%`$*$h$S%$%s%9%H!<%i$K(B DLL $BFI$_9~$_$d<B9T%U%!%$%k8F$S=P$7$K4X$9$k@H<e@-(B
$B!Z(B10$B![(BFENCE-Explorer $B$N%$%s%9%H!<%i$K(B DLL $BFI$_9~$_$*$h$S<B9T%U%!%$%k8F$S=P$7$K4X$9$k@H<e@-(B
$B!Z(B11$B![!V%U%#%C%7%s%0BP:v%;%_%J!<(B 2017$B!W3+:E$N$*CN$i$;(B
$B!Z:#=5$N$R$H$/$A%a%b![%U%#%C%7%s%0BP:v6(5D2q$,!V(BSSL $B%5!<%P!<>ZL@=q$K4X$9$k;v6H<T$J$i$S$KMxMQ<T8~$1%"%s%1!<%H$ND4::7k2L!W$r8x3+(B

  $B"(>R2p$9$k%;%-%e%j%F%#4XO">pJs$NA*Dj4p=`$O0J2<$N%Z!<%8$r$4Mw$/$@$5$$!#(B
        https://www.jpcert.or.jp/wr/

  $B"((BHTML $BHG$*$h$S(B XML $BHG$O0J2<$N%Z!<%8$r$4Mw$/$@$5$$!#(B
        https://www.jpcert.or.jp/wr/2017/wr173601.html
        https://www.jpcert.or.jp/wr/2017/wr173601.xml
============================================================================


$B!Z(B1$B![J#?t$N(B Microsoft $B@=IJ$K@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Microsoft Releases September 2017 Security Updates
      https://www.us-cert.gov/ncas/current-activity/2017/09/12/Microsoft-Releases-September-2017-Security-Updates

    $B35MW(B
      $BJ#?t$N(B Microsoft $B@=IJ$K$O@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,(B
      $BG$0U$N%3!<%I$r<B9T$9$k$J$I$N2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$O<!$N$H$*$j$G$9!#(B

      - Internet Explorer
      - Microsoft Edge
      - Microsoft Windows
      - Microsoft Office$B!"(BMicrosoft Office Services $B$*$h$S(B Web Apps
      - Skype for Business $B$*$h$S(B Lync
      - .NET Framework
      - Microsoft Exchange Server

      $B$3$NLdBj$O!"(BMicrosoft Update $BEy$rMQ$$$F!"99?7%W%m%0%i%`$rE,MQ$9$k$3$H(B
      $B$G2r7h$7$^$9!#>\:Y$O!"(BMicrosoft $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      $B%^%$%/%m%=%U%H3t<02q<R(B
      2017 $BG/(B 9 $B7n$N%;%-%e%j%F%#99?7%W%m%0%i%`(B
      https://portal.msrc.microsoft.com/ja-jp/security-guidance/releasenotedetail/5984735e-f651-e711-80dd-000d3a32fc99

      Japan Vulnerability Notes JVNVU#93526380
      Microsoft .NET Framework $B$N(B WSDL $B=hM}$KG$0U%3!<%I<B9T$N@H<e@-(B
      https://jvn.jp/vu/JVNVU93526380/

      JPCERT/CC Alert 2017-09-13
      2017$BG/(B 9$B7n%^%$%/%m%=%U%H%;%-%e%j%F%#99?7%W%m%0%i%`$K4X$9$kCm0U4-5/(B
      https://www.jpcert.or.jp/at/2017/at170036.html

$B!Z(B2$B![J#?t$N(B Adobe $B@=IJ$K@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Adobe Releases Security Updates
      https://www.us-cert.gov/ncas/current-activity/2017/09/12/Adobe-Releases-Security-Updates

    $B35MW(B
      $BJ#?t$N(B Adobe $B@=IJ$K$O!"@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,G$(B
      $B0U$N%3!<%I$r<B9T$9$k$J$I$N2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$*$h$S%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - RoboHelp RH2017.0.1 $B$*$h$S$=$l0JA0(B (Windows$BHG(B)
      - RoboHelp RH12.0.4.460 $B$*$h$S$=$l0JA0(B (Windows$BHG(B)
      - Adobe Flash Player $B%G%9%/%H%C%W%i%s%?%$%`(B 26.0.0.151 $B$*$h$S$=$l0JA0(B (Windows$BHG!"(BMacintosh$BHG!"(BLinux$BHG(B)
      - ColdFusion (2016 release) Update 4 $B$*$h$S$=$l0JA0(B
      - ColdFusion 11 Update 12 $B$*$h$S$=$l0JA0(B

      $B$3$NLdBj$O!"3:Ev$9$k@=IJ$r(B Adobe $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7(B
      $B$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BAdobe $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      Adobe $B%;%-%e%j%F%#>pJs(B
      RoboHelp $B$K4X$9$k%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB17-25
      https://helpx.adobe.com/jp/security/products/robohelp/apsb17-25.html

      Adobe $B%;%-%e%j%F%#>pJs(B
      Flash Player $BMQ$N%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB17-28
      https://helpx.adobe.com/jp/security/products/flash-player/apsb17-28.html

      Adobe $B%;%-%e%j%F%#>pJs(B
      ColdFusion $B$K4X$9$k%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB17-30
      https://helpx.adobe.com/jp/security/products/coldfusion/apsb17-30.html

      JPCERT/CC Alert 2017-09-13
      Adobe Flash Player $B$N@H<e@-(B (APSB17-28) $B$K4X$9$kCm0U4-5/(B
      https://www.jpcert.or.jp/at/2017/at170035.html

$B!Z(B3$B![J#?t$N(B Bluetooth $B<BAu$K@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      BlueBorne Bluetooth Vulnerabilities
      https://www.us-cert.gov/ncas/current-activity/2017/09/12/BlueBorne-Bluetooth-Vulnerabilities

    $B35MW(B
      $BJ#?t$N(B Bluetooth $B<BAu$K$O!"@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T(B
      $B$,G$0U$N%3!<%I$r<B9T$9$k$J$I$N2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$*$h$S%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Android $B%;%-%e%j%F%#%Q%C%A%l%Y%k(B 2017$BG/(B9$B7n$rE,MQ$7$F$$$J$$%P!<%8%g%s(B
      - Linux Kernel 3.3-rc1 $B0J9_$N%P!<%8%g%s(B
      - Linux BlueZ $B$9$Y$F$N%P!<%8%g%s(B
      - iOS version 9.3.5 $B$*$h$S$=$l0JA0(B
      - tvOS version 7.2.2 $B$*$h$S$=$l0JA0(B
      - Windows Vista $B0J9_$N(B 2017$BG/(B9$B7n%^%$%/%m%=%U%H%;%-%e%j%F%#99?7%W%m%0%i%`$rE,MQ$7$F$$$J$$%P!<%8%g%s(B

      $B$3$NLdBj$O!"3:Ev$9$k@=IJ$r3+H/<T$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7$9(B
      $B$k$3$H$G2r7h$7$^$9!#$^$?!"<!$N2sHr:v$rE,MQ$9$k$3$H$G!"K\@H<e@-$N1F6A$r(B
      $B7Z8:$9$k$3$H$,2DG=$G$9!#(B

      - $B5!4o$N(B Bluetooth $B@\B3$r%*%U$K$9$k(B

      $B>\:Y$O!"3+H/<T$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      Japan Vulnerability Notes JVNVU#95513538
      $BMM!9$J(B Bluetooth $B<BAu$KJ#?t$N@H<e@-(B
      https://jvn.jp/vu/JVNVU95513538/

      JPCERT/CC Alert 2017-09-13
      Bluetooth $B$N<BAu$K$*$1$k@H<e@-(B "BlueBorne" $B$K4X$9$kCm0U4-5/(B
      https://www.jpcert.or.jp/at/2017/at170037.html

$B!Z(B4$B![(BWi-Fi STATION L-02F $B$KJ#?t$N@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVN#68922465
      Wi-Fi STATION L-02F $B$K%P%C%/%I%"$NLdBj(B
      https://jvn.jp/jp/JVN68922465/

      Japan Vulnerability Notes JVN#03044183
      Wi-Fi STATION L-02F $B$K$*$1$k%"%/%;%9@)8BITHw$N@H<e@-(B
      https://jvn.jp/jp/JVN03044183/

    $B35MW(B
      Wi-Fi STATION L-02F $B$K$O!"J#?t$N@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh(B
      $B;0<T$,G$0U$NA`:n$r9T$&$J$I$N2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Wi-Fi STATION L-02F $B%=%U%H%&%'%"%P!<%8%g%s(B V10g $B$*$h$S$=$l0JA0(B

      $B$3$NLdBj$O!"(BWi-Fi STATION L-02F $B$r3t<02q<R(BNTT$B%I%3%b$,Ds6!$9$k=$@5:Q$_(B
      $B$N%P!<%8%g%s$K99?7$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"3t<02q<R(BNTT$B%I%3%b$,Ds(B
      $B6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      $B3t<02q<R(BNTT$B%I%3%b(B
      $B!V(BWi-Fi STATION L-02F$B!W$r$4MxMQ$N$*5RMM$X!"%=%U%H%&%'%"%"%C%W%G!<%H<B;\$N$*4j$$(B
      https://www.nttdocomo.co.jp/info/notice/page/170710_01_m.html

      JPCERT/CC Alert 2017-09-12
      NTT$B%I%3%b(B Wi-Fi STATION L-02F $B$N@H<e@-$K4X$9$kCm0U4-5/(B
      https://www.jpcert.or.jp/at/2017/at170034.html

$B!Z(B5$B![J#?t$N(B VMware $B@=IJ$K@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      VMware Releases Security Updates
      https://www.us-cert.gov/ncas/current-activity/2017/09/15/VMware-Releases-Security-Updates

    $B35MW(B
      $BJ#?t$N(B VMware $B@=IJ$K$O!"@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"%2%9%H(B OS $B$N%f!<(B
      $B%6$,!"%[%9%H(B OS $B>e$GG$0U$N%3!<%I$r<B9T$7$?$j!"%2%9%H(B OS $B>e$G%5!<%S%91?(B
      $BMQK832(B (DoS) $B967b$r9T$C$?$j$9$k$J$I$N2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$*$h$S%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - VMware ESXi 6.5
      - VMware ESXi 6.0
      - VMware ESXi 5.5
      - VMware vCenter Server 6.5
      - VMware Workstation 12 $B7O$N%P!<%8%g%s(B
      - VMware Fusion 8 $B7O$N%P!<%8%g%s(B

      $B$3$NLdBj$O!"3:Ev$9$k@=IJ$r(B VMware $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7(B
      $B$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BVMware $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      VMware Security Advisories
      VMSA-2017-0015.1
      https://www.vmware.com/security/advisories/VMSA-2017-0015.html

$B!Z(B6$B![(BRuby $B$KJ#?t$N@H<e@-(B

    $B>pJs8;(B
      Ruby
      Ruby 2.2.8 $B%j%j!<%9(B
      https://www.ruby-lang.org/ja/news/2017/09/14/ruby-2-2-8-released/

      Ruby
      Ruby 2.3.5 $B%j%j!<%9(B
      https://www.ruby-lang.org/ja/news/2017/09/14/ruby-2-3-5-released/

      Ruby
      Ruby 2.4.2 $B%j%j!<%9(B
      https://www.ruby-lang.org/ja/news/2017/09/14/ruby-2-4-2-released/

    $B35MW(B
      Ruby $B$K$O!"J#?t$N@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,!"G$0U$N(B
      $B%3!<%I$r<B9T$7$?$j!"%5!<%S%91?MQK832(B (DoS) $B967b$r9T$C$?$j$9$k$J$I$N2D(B
      $BG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Ruby 2.2.7 $B$*$h$S$=$l0JA0$N(B 2.2 $B7O$N%P!<%8%g%s(B
      - Ruby 2.3.4 $B$*$h$S$=$l0JA0$N(B 2.3 $B7O$N%P!<%8%g%s(B
      - Ruby 2.4.1 $B$*$h$S$=$l0JA0$N(B 2.4 $B7O$N%P!<%8%g%s(B
      - revision 59672 $B$h$jA0$N3+H/HG(B

      $B$3$NLdBj$O!"(BRuby $B$r(B Ruby $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7$9$k$3$H(B
      $B$G2r7h$7$^$9!#>\:Y$O!"(BRuby $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      Ruby
      CVE-2017-0898: Kernel.sprintf $B$K$*$1$k%P%C%U%!!<%"%s%@!<%i%s$K$D$$$F(B
      https://www.ruby-lang.org/ja/news/2017/09/14/sprintf-buffer-underrun-cve-2017-0898/

      Ruby
      CVE-2017-10784: WEBrick $B$N(B BASIC $BG'>Z$K$*$1$k%(%9%1!<%W%7!<%1%s%9A^F~$N@H<e@-$K$D$$$F(B
      https://www.ruby-lang.org/ja/news/2017/09/14/webrick-basic-auth-escape-sequence-injection-cve-2017-10784/

      Ruby
      CVE-2017-14033: OpenSSL $B$N(B ASN1 $B%G%3!<%I$K$*$1$k%P%C%U%!!<%"%s%@!<%i%s$K$D$$$F(B
      https://www.ruby-lang.org/ja/news/2017/09/14/openssl-asn1-buffer-underrun-cve-2017-14033/

      Ruby
      CVE-2017-14064: JSON $B$N@8@.;~$K$*$1$k%R!<%WK=O*$K$D$$$F(B
      https://www.ruby-lang.org/ja/news/2017/09/14/json-heap-exposure-cve-2017-14064/

      Ruby
      RubyGems $B$NJ#?t$N@H<e@-$K$D$$$F(B
      https://www.ruby-lang.org/ja/news/2017/08/29/multiple-vulnerabilities-in-rubygems/

$B!Z(B7$B![!V(BApache Struts2 $B$KJ#?t$N@H<e@-!W$K4X$9$kDI2C>pJs(B

    $B>pJs8;(B
      US-CERT Current Activity
      Cisco Releases Security Advisories
      https://www.us-cert.gov/ncas/current-activity/2017/09/11/Cisco-Releases-Security-Update

    $B35MW(B
      JPCERT/CC WEEKLY REPORT 2017-09-13$B9f!Z(B1$B![$G>R2p$7$?!V(BApache Struts2 $B$K(B
      $BJ#?t$N@H<e@-!W$K4X$9$kDI2C>pJs$G$9!#(B

      Cisco $B$+$iLdBj$r=$@5$7$?%P!<%8%g%s$N(B Cisco $B@=IJ$,8x3+$5$l$^$7$?!#>\:Y(B
      $B$O!"(BCisco $B$,Ds6!$9$k>pJs$r;2>H$7$F2<$5$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      Cisco Security Advisory
      Apache Struts 2 Remote Code Execution Vulnerability Affecting Multiple Cisco Products: September 2017
      https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170909-struts2-rce

      Cisco Security Advisory
      Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products: September 2017
      https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2

$B!Z(B8$B![(BSEIL $B%7%j!<%:%k!<%?$K%5!<%S%91?MQK832(B (DoS) $B$N@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVN#76692689
      SEIL $B%7%j!<%:%k!<%?$K$*$1$k%5!<%S%91?MQK832(B (DoS) $B$N@H<e@-(B
      https://jvn.jp/jp/JVN76692689/

    $B35MW(B
      SEIL $B%7%j!<%:%k!<%?$K$O!"%5!<%S%91?MQK832(B (DoS) $B$N@H<e@-$,$"$j$^$9!#7k(B
      $B2L$H$7$F!"1s3V$NBh;0<T$,!":Y9)$7$?%Q%1%C%H$rAw?.$9$k$3$H$G!"%5!<%S%91?(B
      $BMQK832(B (DoS) $B967b$r9T$&2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$*$h$S%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - SEIL/X 4.60 $B$+$i(B 5.72 $B$^$G(B
      - SEIL/B1 4.60 $B$+$i(B 5.72 $B$^$G(B
      - SEIL/x86 3.20 $B$+$i(B 5.72 $B$^$G(B
      - SEIL/BPV4 5.00 $B$+$i(B 5.72 $B$^$G(B

      $B$3$NLdBj$O!"3:Ev$9$k@=IJ$N%U%!!<%`%&%'%"$r3t<02q<R%$%s%?!<%M%C%H%$%K%7(B
      $B%"%F%#%V$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7$9$k$3$H$G2r7h$7$^$9!#>\:Y(B
      $B$O!"3t<02q<R%$%s%?!<%M%C%H%$%K%7%"%F%#%V$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5(B
      $B$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      SEIL
      $BFCDj$N(BIKE$B%Q%1%C%H$N<u?.$K$h$j(BIPsec$B%$%s%?%U%'!<%9$G$NDL?.$,$G$-$J$/$J$k@H<e@-(B
      https://www.seil.jp/support/security/a01811.html

$B!Z(B9$B![(Bi-$B%U%#%k%?!<(B 6.0 $B$N%$%s%9%H!<%k(B $B%W%m%0%i%`$*$h$S%$%s%9%H!<%i$K(B DLL $BFI$_9~$_$d<B9T%U%!%$%k8F$S=P$7$K4X$9$k@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVN#75929834
      i-$B%U%#%k%?!<(B 6.0 $B$N%$%s%9%H!<%k(B $B%W%m%0%i%`$*$h$S%$%s%9%H!<%i$K$*$1$k(B DLL $BFI$_9~$_$d<B9T%U%!%$%k8F$S=P$7$K4X$9$k@H<e@-(B
      https://jvn.jp/jp/JVN75929834/

    $B35MW(B
      i-$B%U%#%k%?!<(B 6.0 $B$N%$%s%9%H!<%k(B $B%W%m%0%i%`$*$h$S%$%s%9%H!<%i$K$O!"(BDLL
      $BFI$_9~$_$d<B9T%U%!%$%k8F$S=P$7$K4X$9$k@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"Bh(B
      $B;0<T$,G$0U$N%3!<%I$r<B9T$9$k2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - i-$B%U%#%k%?!<(B 6.0 $B%$%s%9%H!<%k(B $B%W%m%0%i%`(B $B%U%!%$%k%P!<%8%g%s(B 1.0.8.1 $B$*$h$S$=$l0JA0(B
      - i-$B%U%#%k%?!<(B 6.0 $B%$%s%9%H!<%i!<(B $B%G%8%?%k=pL>$N%?%$%`%9%?%s%W$,(B 2017$BG/(B8$B7n(B23$BF|(B (JST) $B$h$j8E$$F|IU$H$J$C$F$$$kHG(B

      $B$3$NLdBj$O!"%G%8%?%k%"!<%D3t<02q<R$,Ds6!$9$k:G?7$N%$%s%9%H!<%i$G$O2r7h(B
      $B$7$F$$$^$9!#$J$*!"$9$G$K(B i-$B%U%#%k%?!<(B 6.0 $B$r%$%s%9%H!<%k$7$F$$$k>l9g$K(B
      $B$O!"$3$NLdBj$N1F6A$O$"$j$^$;$s!#>\:Y$O!"%G%8%?%k%"!<%D3t<02q<R$,Ds6!$9(B
      $B$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      $B%G%8%?%k%"!<%D3t<02q<R(B
      $B!V(Bi-$B%U%#%k%?!<(B 6.0 $B%$%s%9%H!<%k(B $B%W%m%0%i%`!W$*$h$S!V(Bi-$B%U%#%k%?!<(B 6.0 $B%$%s%9%H!<%i!<!W$N@H<e@-$K$D$$$F(B
      http://www.daj.jp/cs/info/2017/0912/

$B!Z(B10$B![(BFENCE-Explorer $B$N%$%s%9%H!<%i$K(B DLL $BFI$_9~$_$*$h$S<B9T%U%!%$%k8F$S=P$7$K4X$9$k@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVN#57205588
      FENCE-Explorer $B$N%$%s%9%H!<%i$K$*$1$k(B DLL $BFI$_9~$_$*$h$S<B9T%U%!%$%k8F$S=P$7$K4X$9$k@H<e@-(B
      https://jvn.jp/jp/JVN57205588/

    $B35MW(B
      FENCE-Explorer $B$N%$%s%9%H!<%i$K$O!"(BDLL $BFI$_9~$_$*$h$S<B9T%U%!%$%k8F$S(B
      $B=P$7$K4X$9$k@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"Bh;0<T$,G$0U$N%3!<%I$r<B9T$9(B
      $B$k2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - FENCE-Explorer for Windows V8.4.1 $B$*$h$S$=$l0JA0(B

      $B$3$NLdBj$O!"3t<02q<RIY;NDL%S!<!&%(%9!&%7!<$,Ds6!$9$k:G?7$N%$%s%9%H!<%i(B
      $B$G$O2r7h$7$F$$$^$9!#$J$*!"$9$G$K(B FENCE-Explorer for Windows $B$r%$%s%9%H!<(B
      $B%k$7$F$$$k>l9g$K$O!"$3$NLdBj$N1F6A$O$"$j$^$;$s!#>\:Y$O!"3t<02q<RIY;NDL(B
      $B%S!<!&%(%9!&%7!<$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      $B3t<02q<RIY;NDL%S!<!&%(%9!&%7!<(B
      $B!Z=EMW![(BFENCE-Explorer$B$N%$%s%9%H!<%i$K$*$1$k(BDLL$BFI$_9~$_$K4X$9$k@H<e@-$K$D$$$F(B
      https://www.fujitsu.com/jp/group/bsc/services/fence/info-2017080101.html

$B!Z(B11$B![!V%U%#%C%7%s%0BP:v%;%_%J!<(B 2017$B!W3+:E$N$*CN$i$;(B

    $B>pJs8;(B
      $B%U%#%C%7%s%0BP:v6(5D2q(B
      $B%U%#%C%7%s%0BP:v%;%_%J!<(B 2017 $B3+:E$N$40FFb(B
      https://www.antiphishing.jp/news/event/antiphishing_seminar2017.html

    $B35MW(B
      $B%U%#%C%7%s%0BP:v6(5D2q$G$O!"(B2020$BG/$K8~$1$F$5$i$KA}2C$,M=B,$5$l$k%U%#%C(B
      $B%7%s%0:>5=$KBP1~$9$k$?$a!";v6H<TB&$N8z2LE*$JBP:vB%?J$r%F!<%^$K!V%U%#%C(B
      $B%7%s%0BP:v%;%_%J!<(B 2017$B!W$r3+:E$$$?$7$^$9!#:#G/EY$N%;%_%J!<$G$O%U%#%C(B
      $B%7%s%0:>5=$K4XO"$9$kK!<99T5!4X!"(BSNS$B;v6H<T!"6bM;5!4X!"3X=Q5!4X$N(B 4$B<T$=(B
      $B$l$>$l$N@lLgE*$JN)>l$+$i!":G?7$N>pJs$H:>5=$N798~!"$=$NBP1~:v$J$I$r$4>R(B
      $B2p$$$?$7$^$9!#(B

      $B;22CHq$OL5NA$G$9$,!";vA0$K;22C?=9~$_$,I,MW$H$J$j$^$9!#K~@J$K$J$j<!Bh!"(B
      $B<uIU=*N;$H$5$;$F$$$?$@$-$^$9$N$G!"$4N;>5$/$@$5$$!#(B

      $BF|;~$*$h$S>l=j(B:
          2017$BG/(B11$B7n(B10$BF|(B ($B6b(B) 13:00 - 18:00 ($B<uIU3+;O(B 12:15$B!A(B)
          $BBg:j%V%i%$%H%3%"%[!<%k(B (JR $BBg:j1X(B $B?7El8}(B)
          $B")(B141-0001 $BEl5~ETIJ@n6hKLIJ@n(B5$BCzL\(B5$BHV(B15$B9f(B $BBg:j%V%i%$%H%3%"(B3$B3,(B
          http://osaki-hall.jp/access/


$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B
$B"#:#=5$N$R$H$/$A%a%b(B
$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B

$B!{%U%#%C%7%s%0BP:v6(5D2q$,!V(BSSL $B%5!<%P!<>ZL@=q$K4X$9$k;v6H<T$J$i$S$KMxMQ<T8~$1%"%s%1!<%H$ND4::7k2L!W$r8x3+(B

      2017$BG/(B9$B7n(B12$BF|!"%U%#%C%7%s%0BP:v6(5D2q$O!"!V(BSSL $B%5!<%P!<>ZL@=q$K4X$9$k(B
      $B;v6H<T$J$i$S$KMxMQ<T8~$1%"%s%1!<%HD4::7k2L!W$r8x3+$7$^$7$?!#$3$N%"%s%1!<(B
      $B%H$O!"(BSSL $B%5!<%P!<>ZL@=q$NE,@5$JIa5Z7<H/$dB%?J$rL\E*$H$7$F<B;\$5$l$?$b(B
      $B$N$G$9!#(BEC $B%5%$%H!"%M%C%H%P%s%-%s%0Ey$N(B Web $B%5%$%H$N;v6H<T$*$h$SMxMQ<T(B
      $B$rBP>]$H$7$F!"(BSSL $B%5!<%P!<>ZL@=q$NF3F~8z2L$K$D$$$F$NM}2r$NDxEY$d!"%$%s(B
      $B%?!<%M%C%HMxMQ;~$N%;%-%e%j%F%#0U<1$J$I$K$D$$$FD4::$7$F$$$^$9!#(B

    $B;29MJ88%(B ($BF|K\8l(B)
      $B%U%#%C%7%s%0BP:v6(5D2q(B
      $B!Z;qNA8x3+![(B SSL $B%5!<%P!<>ZL@=q$K4X$9$k;v6H<T$J$i$S$KMxMQ<T8~$1%"%s%1!<%HD4::7k2L$K$D$$$F(B (2017/09/12)
      https://www.antiphishing.jp/news/info/ssl_servercertified_questionnaire.html

      $B%U%#%C%7%s%0BP:v6(5D2q(B
      SSL $B%5!<%P!<>ZL@=q$K4X$9$k(B $B;v6H<T$J$i$S$KMxMQ<T8~$1%"%s%1!<%HD4::7k2L(B
      https://www.antiphishing.jp/news/pdf/SSLserverCertQuestionnaire01.pdf


$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B
$B"#(BJPCERT/CC $B$+$i$N$*4j$$(B
$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B

$B!~K\%l%]!<%H$K4X$9$k$*Ld$$9g$o$;$O(B editor@jpcert.or.jp $B08$K$*4j$$CW$7$^(B
  $B$9!#$?$@$7!"(BJPCERT/CC $B$G$O!"Ds6!$9$k>pJs$K$D$$$F6qBNE*$JFbMF$=$N$b$N$K(B
  $B$D$$$F$N$4<ALd$K$O$*Ez$($G$-$J$$>l9g$b$"$j$^$9!#$^$?%P%C%/%J%s%P!<$O!"(B
  $B0J2<$N(B URL $B$+$i$4MxMQ$$$?$@$1$^$9!#(B

        https://www.jpcert.or.jp/wr/

$B!~K\%a!<%j%s%0%j%9%H$N9XFI?=9~$d9XFIDd;_!"$^$?EPO?$7$?EE;R%a!<%k%"%I%l%9(B
  $B$NJQ99$J$I$K$D$-$^$7$F$O!"0J2<$N(B URL $B$r;2>H$7$F$/$@$5$$!#(B

        https://www.jpcert.or.jp/announce.html

$B!~(BJPCERT/CC $B$X$N%;%-%e%j%F%#%$%s%7%G%s%H$NJs9pJ}K!$K$D$$$F$O0J2<$N(B URL
  $B$r;2>H$7$F$/$@$5$$!#(B

        https://www.jpcert.or.jp/form/

$B0J>e!#(B
__________

2017 (C) JPCERT/CC
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCAAGBQJZwwBYAAoJEDF9l6Rp7OBITykH/A2Cpjr1Kt2pr8F9Aly3zdhC
yGZ1j70HjSbfCKJfY5ZVULLBjjvt39dsfWSZnFdn6vfqU5q6hOTthOax7bCyflgL
ZgUfTFloNfLsgA8WULZSzwMabN9YfPTztHcJPNj+NOCUOfB9dIo5S+/aHQcYnUK3
14UmFQKK6r4/ACImQapcYjHEOHyyLthuj7keHbU82YptvoA/BxaTpeAknar70vPV
gaZuwkJSFJrIwzeDQ/4lrOPl6U8hOu3e0UHPAaBiQzo4iEapze2k2OigTHjKrGbZ
SWCykX8uhcamxMJ/myiPWB+mcCk6N0yPoaZ04+tIDPEEK+f6LGRejPGMsWuGUuE=
=i+Yh
-----END PGP SIGNATURE-----