[º¸¾È´º½º ¹Î¼¼¾Æ] VMware»ç´Â ÀÓÀÇÄÚµå ½ÇÇà, ±ÇÇÑ»ó½Â Ãë¾àÁ¡ µîÀ» ÇØ°áÇÑ º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ¹ßÇ¥Çß´Ù. ¿µÇâ ¹Þ´Â ¹öÀüÀÇ »ç¿ëÀÚ´Â ÃֽŠ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®ÇÏ´Â °ÍÀÌ ¾ÈÀüÇÏ´Ù.
¾÷µ¥ÀÌÆ®µÈ Ãë¾àÁ¡Àº ¡âÈü ¹öÆÛ¿À¹öÇ÷ο츦 ÅëÇÑ ÀÓÀÇÄÚµå ½ÇÇà Ãë¾àÁ¡(CVE-2016-7081) ¡âÀ©µµ¿ì ±â¹Ý °¡»ó¸Ó½ÅÀÇ ¸Þ¸ð¸® ¼Õ»ó Ãë¾àÁ¡(CVE-2016-7082, 7083, 7084) ¡âOSX ±â¹Ý VM ToolsÀÇ NULL Æ÷ÀÎÅÍ ¿ª ÂüÁ¶¸¦ ÅëÇÑ ÀÎÇÑ ±ÇÇÑ »ó½Â Ãë¾àÁ¡(CVE-2016-7079, 7080) ¡âDLL ÇÏÀÌÀçÅ·À» ÅëÇÑ ÀÓÀÇÄÚµå ½ÇÇà Ãë¾àÁ¡(CVE-2016-7085) ¡â¾ÈÀüÇÏÁö ¾ÊÀº ½ÇÇàÆÄÀÏÀ» ·ÎµåÇÏ¿© ÀÓÀÇÄÚµå ½ÇÇà Ãë¾àÁ¡(CVE-2016-7086) µîÀÌ´Ù.
ÇØ´ç Ãë¾àÁ¡¿¡ ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î´Â ´ÙÀ½°ú °°´Ù.
¡ã Èü ¹öÆÛ¿À¹öÇ÷οì Ãë¾àÁ¡
¡ã Memory corruption Ãë¾àÁ¡
¡ã NULL Æ÷ÀÎÅÍ ¿ªÂüÁ¶ Ãë¾àÁ¡
¡ã DLL ÇÏÀÌÀçÅ· Ãë¾àÁ¡
¡ã Insecure executable loading Ãë¾àÁ¡
ÇØ´ç Ãë¾àÁ¡À» ÇØ°áÇϱâ À§Çؼ´Â ¾Æ·¡ Âü°í»çÀÌÆ®ÀÇ ¼ÒÇÁÆ®¿þ¾î ÃֽŠ¹öÀüÀ» ¼³Ä¡Çϰųª Çѱ¹ÀÎÅͳÝÁøÈï¿ø ÀÎÅͳÝħÇØ´ëÀÀ¼¾ÅÍ(±¹¹ø¾øÀÌ 118)¸¦ Âü°íÇÏ¸é µÈ´Ù.
[Âü°í»çÀÌÆ®]
[1] http://www.vmware.com/security/advisories/VMSA-2016-0014.html
[2] ESXi 6.0 : https://www.vmware.com/patchmgr/findPatch.portal
[3] ESXi 5.5 : https://www.vmware.com/patchmgr/findPatch.portal
[4] Workstation Pro 12.5.0 : https://www.vmware.com/go/downloadworkstation
[5] Workstation Player 12.5.0 : https://www.vmware.com/go/downloadplayer
[6] Fusion 8.5.0 : https://www.vmware.com/go/downloadfusion
[7] Tools 10.0.9 : https://my.vmware.com/web/vmware/details?
productId=491&downloadGroup=VMTOOLS1009
[¹Î¼¼¾Æ ±âÀÚ(boan5@boannews.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(www.boannews.com) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>