-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


                                                         JPCERT-WR-2019-3201
                                                                   JPCERT/CC
                                                                  2019-08-21

            <<< JPCERT/CC WEEKLY REPORT 2019-08-21 >>>

$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B
$B"#(B08/11($BF|(B)$B!A(B08/17($BEZ(B) $B$N%;%-%e%j%F%#4XO">pJs(B
$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B

== $BL\(B  $B<!(B ==================================================================

$B!Z(B1$B![J#?t$N(B Microsoft $B@=IJ$K@H<e@-(B
$B!Z(B2$B![J#?t$N(B Adobe $B@=IJ$K@H<e@-(B
$B!Z(B3$B![J#?t$N(B Intel $B@=IJ$K@H<e@-(B
$B!Z(B4$B![(BHTTP/2 $B$N<BAu$KJ#?t$NLdBj(B
$B!Z(B5$B![(BSwiftNIO HTTP/2 $B$KJ#?t$N@H<e@-(B
$B!Z(B6$B![(BApache HTTP Web Server $B$KJ#?t$N@H<e@-(B
$B!Z(B7$B![(BBluetooth BR/EDR $B$G$N0E9f80%(%s%H%m%T!<$N%M%4%7%(!<%7%g%s$NLdBj(B
$B!Z(B8$B![IY;N%<%m%C%/%93t<02q<R$NJ#?t$N@=IJ$K%*!<%W%s%j%@%$%l%/%H$N@H<e@-(B
$B!Z:#=5$N$R$H$/$A%a%b![(BMicrosoft $B@=IJ$K$*$1$kJ#?t$N@H<e@-(B (CVE-2019-1181/CVE-2019-1182) $B$K$D$$$F(B

  $B"(>R2p$9$k%;%-%e%j%F%#4XO">pJs$NA*Dj4p=`$O0J2<$N%Z!<%8$r$4Mw$/$@$5$$!#(B
        https://www.jpcert.or.jp/wr/

  $B"((BHTML $BHG$*$h$S(B XML $BHG$O0J2<$N%Z!<%8$r$4Mw$/$@$5$$!#(B
        https://www.jpcert.or.jp/wr/2019/wr193201.html
        https://www.jpcert.or.jp/wr/2019/wr193201.xml
============================================================================


$B!Z(B1$B![J#?t$N(B Microsoft $B@=IJ$K@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Microsoft Releases August 2019 Security Updates
      https://www.us-cert.gov/ncas/current-activity/2019/08/13/microsoft-releases-august-2019-security-updates

    $B35MW(B
      $BJ#?t$N(B Microsoft $B@=IJ$K$O!"@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T(B
      $B$,G$0U$N%3!<%I$r<B9T$9$k$J$I$N2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$O<!$N$H$*$j$G$9!#(B

      - Microsoft Windows
      - Internet Explorer
      - Microsoft Edge
      - ChakraCore
      - Microsoft Office $B$*$h$S(B Microsoft Office Services $B$*$h$S(B Web Apps
      - Visual Studio
      - Online Services
      - Active Directory
      - Microsoft Dynamics

      $B$3$NLdBj$O!"(BMicrosoft Update $B$J$I$rMQ$$$F!"99?7%W%m%0%i%`$rE,MQ$9$k$3(B
      $B$H$G2r7h$7$^$9!#>\:Y$O!"(BMicrosoft $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      $B%^%$%/%m%=%U%H3t<02q<R(B
      2019 $BG/(B 8 $B7n$N%;%-%e%j%F%#99?7%W%m%0%i%`(B
      https://portal.msrc.microsoft.com/ja-jp/security-guidance/releasenotedetail/312890cc-3673-e911-a991-000d3a33a34d

      JPCERT/CC
      2019$BG/(B 8$B7n%^%$%/%m%=%U%H%;%-%e%j%F%#99?7%W%m%0%i%`$K4X$9$kCm0U4-5/(B
      https://www.jpcert.or.jp/at/2019/at190032.html

    $B4XO"J8=q(B ($B1Q8l(B)
      US-CERT Current Activity
      Microsoft Releases Security Updates to Address Remote Code Execution Vulnerabilities
      https://www.us-cert.gov/ncas/current-activity/2019/08/14/microsoft-releases-security-updates-address-remote-code-execution

      US-CERT Current Activity
      Microsoft Releases Security Update for Windows Elevation of Privilege Vulnerability
      https://www.us-cert.gov/ncas/current-activity/2019/08/15/microsoft-releases-security-update-windows-elevation-privilege

$B!Z(B2$B![J#?t$N(B Adobe $B@=IJ$K@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Adobe Releases Security Updates for Multiple Products
      https://www.us-cert.gov/ncas/current-activity/2019/08/13/adobe-releases-security-updates-multiple-products

    $B35MW(B
      $BJ#?t$N(B Adobe $B@=IJ$K$O!"@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,!"(B
      $B>pJs$r@`<h$7$?$j!"G$0U$N%3!<%I$r<B9T$7$?$j$9$k$J$I$N2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$*$h$S%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Adobe Acrobat Reader DC Continuous (2019.012.20034) $B$*$h$S$=$l0JA0(B (macOS)
      - Adobe Acrobat Reader DC Continuous (2019.012.20035) $B$*$h$S$=$l0JA0(B (Windows)
      - Adobe Acrobat Reader DC Classic 2017 (2017.011.30142) $B$*$h$S$=$l0JA0(B (macOS)
      - Adobe Acrobat Reader DC Classic 2017 (2017.011.30143) $B$*$h$S$=$l0JA0(B (Windows)
      - Adobe Acrobat Reader DC Classic 2015 (2015.006.30497) $B$*$h$S$=$l0JA0(B (macOS)
      - Adobe Acrobat Reader DC Classic 2015 (2015.006.30498) $B$*$h$S$=$l0JA0(B (Windows)
      - Adobe Acrobat DC Continuous (2019.012.20034) $B$*$h$S$=$l0JA0(B (macOS)
      - Adobe Acrobat DC Continuous (2019.012.20035) $B$*$h$S$=$l0JA0(B (Windows)
      - Adobe Acrobat DC Classic 2017 (2017.011.30142) $B$*$h$S$=$l0JA0(B (macOS)
      - Adobe Acrobat DC Classic 2017 (2017.011.30143) $B$*$h$S$=$l0JA0(B (Windows)
      - Adobe Acrobat DC Classic 2015 (2015.006.30497) $B$*$h$S$=$l0JA0(B (macOS)
      - Adobe Acrobat DC Classic 2015 (2015.006.30498) $B$*$h$S$=$l0JA0(B (Windows)
      - Adobe After Effects CC 2019 16 $B$*$h$S$=$l0JA0(B (Windows)
      - Adobe Character Animator CC 2019 2.1 $B$*$h$S$=$l0JA0(B (Windows)
      - Adobe Premiere Pro CC 2019 13.1.2 $B$*$h$S$=$l0JA0(B (Windows)
      - Adobe Prelude CC 2019 8.1 $B$*$h$S$=$l0JA0(B (Windows)
      - Adobe Creative Cloud Desktop Application 4.6.1 $B$*$h$S$=$l0JA0(B (Windows, macOS)
      - Adobe Experience Manager 6.5, 6.4
      - Adobe Photoshop CC 19.1.8 $B$*$h$S$=$l0JA0(B (Windows, macOS)
      - Adobe Photoshop CC 20.0.5 $B$*$h$S$=$l0JA0(B (Windows, macOS)

      $B$3$NLdBj$O!"3:Ev$9$k@=IJ$r(B Adobe $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7(B
      $B$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BAdobe $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      JPCERT/CC
      Adobe Acrobat $B$*$h$S(B Reader $B$N@H<e@-(B (APSB19-41) $B$K4X$9$kCm0U4-5/(B
      https://www.jpcert.or.jp/at/2019/at190031.html

      JPCERT/CC
      $BJ#?t$N(B Adobe $B@=IJ$N%"%C%W%G!<%H$K$D$$$F(B
      https://www.jpcert.or.jp/newsflash/2019081402.html

      Adobe
      Adobe After Effects $B$K4X$9$k%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB19-31
      https://helpx.adobe.com/jp/security/products/after_effects/apsb19-31.html

      Adobe
      Adobe Character Animator $B$K4X$9$k%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB19-32
      https://helpx.adobe.com/jp/security/products/character_animator/apsb19-32.html

      Adobe
      Adobe Premiere Pro CC $B$K4X$9$k%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB19-33
      https://helpx.adobe.com/jp/security/products/premiere_pro/apsb19-33.html

      Adobe
      Adobe Prelude CC $B$K4X$9$k%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB19-35
      https://helpx.adobe.com/jp/security/products/prelude/apsb19-35.html

      Adobe
      Creative Cloud $B%G%9%/%H%C%W%"%W%j%1!<%7%g%s$K4X$9$k%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB19-39
      https://helpx.adobe.com/jp/security/products/creative-cloud/apsb19-39.html

      Adobe
      Adobe Acrobat $B$*$h$S(B Reader $B$K4X$9$k%;%-%e%j%F%#B.Js(B | APSB19-41
      https://helpx.adobe.com/jp/security/products/acrobat/apsb19-41.html

      Adobe
      Adobe Experience Manager $B$K4X$9$k%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB19-42
      https://helpx.adobe.com/jp/security/products/experience-manager/apsb19-42.html

      Adobe
      Adobe Photoshop CC $B$K4X$9$k%;%-%e%j%F%#%"%C%W%G!<%H8x3+(B | APSB19-44
      https://helpx.adobe.com/jp/security/products/photoshop/apsb19-44.html

$B!Z(B3$B![J#?t$N(B Intel $B@=IJ$K@H<e@-(B

    $B>pJs8;(B
      US-CERT Current Activity
      Intel Releases Security Updates
      https://www.us-cert.gov/ncas/current-activity/2019/08/13/intel-releases-security-updates

    $B35MW(B
      $BJ#?t$N(B Intel $B@=IJ$K$O!"@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"Bh;0<T$,!"%5!<%S(B
      $B%91?MQK832(B (DoS) $B967b$r9T$C$?$j!"8"8B>:3J$r9T$C$?$j$9$k$J$I$N2DG=@-$,(B
      $B$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$O<!$N$H$*$j$G$9!#(B

      - Intel RAID Web Console 2
      - Intel NUC Kit NUC7i7DNx
      - Intel NUC Kit NUC7i5DNx
      - Intel NUC Kit NUC7i3DNx
      - Intel Compute Stick STK2MV64CC
      - Intel Compute Card CD1IV128MK
      - Intel Authenticate
      - Intel Driver & Support Assistant
      - Intel Remote Displays SDK
      - Intel Processor Identification Utility for Windows
      - Intel Computing Improvement Program

      $B"((B $B1F6A$r<u$1$k%P!<%8%g%s$OB?4t$KEO$j$^$9!#BP>]$N>\:Y$O!"(BIntel $B$,Ds6!(B
      $B$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

      $B$3$NLdBj$O!"3:Ev$9$k@=IJ$r(B Intel $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K99?7(B
      $B$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BIntel $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B
      $B$J$*!"(BIntel RAID Web Console 2 $B$O3+H/$,=*N;$7$F$*$j!"8e7Q@=IJ$G$"$k(B
      Intel RAID Web Console 3 $B$N%$%s%9%H!<%k$,?d>)$5$l$F$$$^$9!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      Japan Vulnerability Notes JVNVU#99945432
      Intel $B@=IJ$KJ#?t$N@H<e@-(B
      https://jvn.jp/vu/JVNVU99945432/

      JPCERT/CC
      Intel $B@=IJ$K4X$9$kJ#?t$N@H<e@-$K$D$$$F(B
      https://www.jpcert.or.jp/newsflash/2019081401.html

    $B4XO"J8=q(B ($B1Q8l(B)
      Intel
      INTEL-SA-00246: Intel RAID Web Console 2 Advisory
      https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00246.html

      Intel
      INTEL-SA-00272: Intel NUC Advisory
      https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00272.html

      Intel
      INTEL-SA-00275: Intel Authenticate Advisory
      https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00275.html

      Intel
      INTEL-SA-00276: Intel Driver & Support Assistant Advisory
      https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00276.html

      Intel
      INTEL-SA-00277: Intel Remote Displays SDK Advisory
      https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00277.html

      Intel
      INTEL-SA-00281: Intel Processor Identification Utility for Windows Advisory
      https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00281.html

      Intel
      INTEL-SA-00283: Intel Computing Improvement Program Advisory
      https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00283.html

$B!Z(B4$B![(BHTTP/2 $B$N<BAu$KJ#?t$NLdBj(B

    $B>pJs8;(B
      US-CERT Current Activity
      Multiple HTTP/2 Implementation Vulnerabilities
      https://www.us-cert.gov/ncas/current-activity/2019/08/14/multiple-http2-implementation-vulnerabilities

    $B35MW(B
      HTTP/2 $B$N<BAu$K$O!"J#?t$NLdBj$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,%5!<(B
      $B%S%91?MQK832(B (DoS) $B967b$r9T$&2DG=@-$,$"$j$^$9!#(B

      $B$3$NLdBj$KBP$7$F!"J#?t$N%Y%s%@$+$i>pJs$,8x3+$5$l$F$$$^$9!#;HMQ$7$F$$$k(B
      $B3F%=%U%H%&%(%"$N%Y%s%@$dG[I[85$J$I$N>pJs$r3NG'$7!"BP:v$N;\$5$l$?%P!<%8%g(B
      $B%s$,8x3+$5$l$F$$$k>l9g!"E,MQ$9$k$3$H$r$*$9$9$a$7$^$9!#>\:Y$O!"3F%Y%s%@(B
      $B$J$I$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      Japan Vulnerability Notes JVNVU#98433488
      HTTP/2 $B$N<BAu$KBP$9$k%5!<%S%91?MQK832(B (DoS) $B967b<jK!(B
      https://jvn.jp/vu/JVNVU98433488/

      Apple
      SwiftNIO HTTP/2 1.5.0 $B$N%;%-%e%j%F%#%3%s%F%s%D$K$D$$$F(B
      https://support.apple.com/ja-jp/HT210436

    $B4XO"J8=q(B ($B1Q8l(B)
      CERT/CC Vulnerability Note VU#605641
      HTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion
      https://www.kb.cert.org/vuls/id/605641/

      Apache Software Foundation
      HTTP/2 DoS issues announced today - Impact for Apache Tomcat
      https://mail-archives.apache.org/mod_mbox/tomcat-announce/201908.mbox/%3C71e8f5f2-86ff-26b3-e792-73eeb8655acb%40apache.org%3E

      h2o
      HTTP/2 DoS attack vulnerabilities CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 #2090
      https://github.com/h2o/h2o/issues/2090

      nginx
      [nginx-announce] nginx security advisory (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516)
      https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html

$B!Z(B5$B![(BSwiftNIO HTTP/2 $B$KJ#?t$N@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVNVU#93696206
      Apple SwiftNIO HTTP/2 $B$K$*$1$k@H<e@-$KBP$9$k%"%C%W%G!<%H(B
      https://jvn.jp/vu/JVNVU93696206/

    $B35MW(B
      SwiftNIO HTTP/2 $B$K$O!"J#?t$N@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T(B
      $B$,%5!<%S%91?MQK832(B (DoS) $B967b$r9T$&2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - macOS Sierra 10.12 $B0J9_(B $B$*$h$S(B Ubuntu 14.04 $B0J9_$GF0:n$7$F$$$k(B SwiftNIO HTTP/2 1.0.0 $B$+$i(B 1.4.0

      $B$3$NLdBj$O!"(BSwiftNIO HTTP/2 $B$r(B Apple $B$,Ds6!$9$k=$@5:Q$_$N%P!<%8%g%s$K(B
      $B99?7$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BApple $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5(B
      $B$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      Apple
      SwiftNIO HTTP/2 1.5.0 $B$N%;%-%e%j%F%#%3%s%F%s%D$K$D$$$F(B
      https://support.apple.com/ja-jp/HT210436

$B!Z(B6$B![(BApache HTTP Web Server $B$KJ#?t$N@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVNVU#98790275
      Apache HTTP Web Server 2.4 $B$K$*$1$kJ#?t$N@H<e@-$KBP$9$k%"%C%W%G!<%H(B
      https://jvn.jp/vu/JVNVU98790275/

    $B35MW(B
      Apache HTTP Web Server $B$K$O!"J#?t$N@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V(B
      $B$NBh;0<T$,>pJs2~$6$s$d!"%5!<%S%91?MQK832(B (DoS) $B967b$r9T$&$J$I$N2DG=@-(B
      $B$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Apache HTTP Web Server 2.4.41 $B$h$jA0$N%P!<%8%g%s(B

      $B$3$NLdBj$O!"(BApache HTTP Server $B$r(B Apache Software Foundation $B$,Ds6!$9(B
      $B$k=$@5:Q$_$N%P!<%8%g%s$K99?7$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"(BApache
      Software Foundation $B$,Ds6!$9$k>pJs$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($B1Q8l(B)
      Apache Software Foundation
      Fixed in Apache httpd 2.4.41
      https://httpd.apache.org/security/vulnerabilities_24.html#2.4.41

      Apache Software Foundation
      Apache HTTP Server 2.4.41 Released
      https://www.apache.org/dist/httpd/Announcement2.4.html

$B!Z(B7$B![(BBluetooth BR/EDR $B$G$N0E9f80%(%s%H%m%T!<$N%M%4%7%(!<%7%g%s$NLdBj(B

    $B>pJs8;(B
      CERT/CC Vulnerability Note VU#918987
      Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks
      https://kb.cert.org/vuls/id/918987/

    $B35MW(B
      Bluetooth BR/EDR $B@\B3$N0E9f2=$GMQ$$$i$l$k0E9f80$N%(%s%H%m%T!<$N%M%4%7(B
      $B%(!<%7%g%s$K$O!"Cf4V<T$K$h$k967b$K@H<e$G$"$kLdBj$,$"$j$^$9!#7k2L$H$7$F!"(B
      $BBh;0<T$,Cf4V<T967b$K$h$C$F0E9fDL?.$rEpD0$9$k$J$I$N2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - Bluetooth BR/EDR Core v5.1 $B$*$h$S$=$l0JA0(B

      2019$BG/(B8$B7n(B21$BF|8=:_!"$3$NLdBj$KBP$9$k2r7h:v$ODs6!$5$l$F$$$^$;$s!#3F%Y%s(B
      $B%@$N>pJs$r3NG'$7!"BP:v$,;\$5$l$?%P!<%8%g%s$,8x3+$5$l$F$$$k>l9g$OB.$d$+(B
      $B$KE,MQ$9$k$3$H$r$*$9$9$a$7$^$9!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      Japan Vulnerability Notes JVNVU#90240762
      Bluetooth BR/EDR $B$G$N0E9f80%(%s%H%m%T!<$N%M%4%7%(!<%7%g%s$K$*$1$kLdBj(B
      https://jvn.jp/vu/JVNVU90240762/

    $B4XO"J8=q(B ($B1Q8l(B)
      Bluetooth
      Key Negotiation of Bluetooth
      https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/

      Bluetooth
      The building blocks of all Bluetooth devices
      https://www.bluetooth.com/specifications/

      Bluetooth
      Keep up to date with Errata
      https://www.bluetooth.com/specifications/errata/

$B!Z(B8$B![IY;N%<%m%C%/%93t<02q<R$NJ#?t$N@=IJ$K%*!<%W%s%j%@%$%l%/%H$N@H<e@-(B

    $B>pJs8;(B
      Japan Vulnerability Notes JVN#07679150
      ApeosWare Management Suite $B$*$h$S(B ApeosWare Management Suite 2 $B$K$*$1$k%*!<%W%s%j%@%$%l%/%H$N@H<e@-(B
      https://jvn.jp/jp/JVN07679150/

    $B35MW(B
      $BIY;N%<%m%C%/%93t<02q<R$,Ds6!$9$kJ#?t$N@=IJ$K$O!"%*!<%W%s%j%@%$%l%/%H$N(B
      $B@H<e@-$,$"$j$^$9!#7k2L$H$7$F!"1s3V$NBh;0<T$,%f!<%6$K:Y9)$7$?%Z!<%8$r3+(B
      $B$+$;$k$3$H$G!"G$0U$N%&%'%V%5%$%H$K%j%@%$%l%/%H$5$;$k2DG=@-$,$"$j$^$9!#(B

      $BBP>]$H$J$k@=IJ$*$h$S%P!<%8%g%s$O<!$N$H$*$j$G$9!#(B

      - ApeosWare Management Suite Ver.1.4.0.18 $B$*$h$S$=$l0JA0(B
      - ApeosWare Management Suite 2 Ver.2.1.2.4 $B$*$h$S$=$l0JA0(B

      $B$3$NLdBj$O!"3:Ev$9$k@=IJ$rIY;N%<%m%C%/%93t<02q<R$,Ds6!$9$k=$@5%Q%C%A$r(B
      $BE,MQ$9$k$3$H$G2r7h$7$^$9!#>\:Y$O!"IY;N%<%m%C%/%93t<02q<R$,Ds6!$9$k>pJs(B
      $B$r;2>H$7$F$/$@$5$$!#(B

    $B4XO"J8=q(B ($BF|K\8l(B)
      $BIY;N%<%m%C%/%93t<02q<R(B
      ApeosWare Management Suite$B$N%*!<%W%s%j%@%$%l%/%H@H<e@-$K$D$$$F(B
      https://www.fujixerox.co.jp/support/software/aw_manage_suite_1/contents/awms_notice02


$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B
$B"#:#=5$N$R$H$/$A%a%b(B
$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B

$B!{(BMicrosoft $B@=IJ$K$*$1$kJ#?t$N@H<e@-(B (CVE-2019-1181/CVE-2019-1182) $B$K$D$$$F(B

      2019$BG/(B8$B7n(B13$BF|(B ($BJF9q;~4V(B)$B!"(BMicrosoft $B$,!"%j%b!<%H%G%9%/%H%C%W%5!<%S%9$K(B
      $B$*$$$F!"1s3V$+$iG$0U$N%3!<%I<B9T$,2DG=$J@H<e@-$K4X$9$k>pJs$r8x3+$7$^$7(B
      $B$?!#:#8e!"$3$N@H<e@-$r0-MQ$9$k%^%k%&%(%"$,EP>l$7$?>l9g$K!"@H<e$JC<Kv$K(B
      $B46@w$,9-$,$k2DG=@-$,$"$k$H$N$3$H$G$9!#$3$NLdBj$O!"(B2019$BG/(B8$B7n$N%;%-%e%j(B
      $B%F%#99?7%W%m%0%i%`$rE,MQ$9$k$3$H$G2r7h$7$^$9!#K\%W%m%0%i%`$r$^$@E,MQ$7(B
      $B$F$$$J$$>l9g!"(BMicrosoft Update $B$J$I$rMQ$$$F!"B.$d$+$KE,MQ$9$k$3$H$r$*(B
      $B$9$9$a$7$^$9!#(B

    $B;29MJ88%(B ($BF|K\8l(B)
      JPCERT/CC
      2019$BG/(B 8$B7n%^%$%/%m%=%U%H%;%-%e%j%F%#99?7%W%m%0%i%`$K4X$9$kCm0U4-5/(B
      https://www.jpcert.or.jp/at/2019/at190032.html

    $B;29MJ88%(B ($B1Q8l(B)
      Microsoft Security Response Center (MSRC)
      Patch new wormable vulnerabilities in Remote Desktop Services (CVE-2019-1181/1182)
      https://msrc-blog.microsoft.com/2019/08/13/patch-new-wormable-vulnerabilities-in-remote-desktop-services-cve-2019-1181-1182/


$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B
$B"#(BJPCERT/CC $B$+$i$N$*4j$$(B
$B!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=!=(B

$B!~K\%l%]!<%H$K4X$9$k$*Ld$$9g$o$;$O(B ew-info@jpcert.or.jp $B08$K$*4j$$CW$7$^(B
  $B$9!#$?$@$7!"(BJPCERT/CC $B$G$O!"Ds6!$9$k>pJs$K$D$$$F6qBNE*$JFbMF$=$N$b$N$K(B
  $B$D$$$F$N$4<ALd$K$O$*Ez$($G$-$J$$>l9g$b$"$j$^$9!#$^$?%P%C%/%J%s%P!<$O!"(B
  $B0J2<$N(B URL $B$+$i$4MxMQ$$$?$@$1$^$9!#(B

        https://www.jpcert.or.jp/wr/

$B!~K\%a!<%j%s%0%j%9%H$N9XFI?=9~$d9XFIDd;_!"$^$?EPO?$7$?EE;R%a!<%k%"%I%l%9(B
  $B$NJQ99$J$I$K$D$-$^$7$F$O!"0J2<$N(B URL $B$r;2>H$7$F$/$@$5$$!#(B

        https://www.jpcert.or.jp/announce.html

$B!~(BJPCERT/CC $B$X$N%;%-%e%j%F%#%$%s%7%G%s%H$NJs9pJ}K!$K$D$$$F$O0J2<$N(B URL
  $B$r;2>H$7$F$/$@$5$$!#(B

        https://www.jpcert.or.jp/form/

$B0J>e!#(B
__________

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJdXIq2AAoJEKntH+qu5CT/OGQP/j7Nz1jEZgcFj3a/FtIFxwoZ
qUpOVX+R1b2uT1ahWQ6SnDxGu1R7Zg0+HcYoueKZsgpIIIAgIAryaBC8OiabApeM
QdxWJnQMDFXbVCN9CjCy5UHWG14mzeeJ7Mp1DhhB3211Tx/+6NSBGfjDvuvf8jdO
nsPX8KhGBTq2h5Kl2QQwFgGG7EASkz22zsSjxbRa1L6M8h714Y+LHWDKeZdfXPeR
7OJHgODYT0mQCVugxBJnvnwcOgdlCoXueAuH1BGEMt24sOenPOiZ/YzAhdlSTH+7
bs0txnoTmqtBGhYn5CEIg9ny1epKP4XqqiUpKn4GNjwe9hv5jrbfG1UsZgSNfYCE
Vtvbw8EGWkzZtdDSva+y1HOTyk1UDOPmVR4TzPjEn1TEcxsdoJotHzl7QptNF5uJ
v21HChXVRti+Wz1PABUxj4XoO7lk69c0Awk/tbi2XclxwgILG/JDeDIl5uG2SBP7
+56h4F0yiNaMZmktb5OCAIxblRLXllG+WCw0+uV/SRPK+I5hUyTaSULz5vTX7qkP
H7YtjKG96Pcg4K/+jPfV75Hth9eAAwxh6CFXydz6O6qC8SGjVrJwFMgix4ul3Qd6
HSgoDz0psBXQYgeMbKRpayhpta4Wwk2aDqcw52AUCeRB6a6DohFzq1hTOk+RMryr
2zO1cWi+4A9UftOprpfU
=1tEf
-----END PGP SIGNATURE-----