==============================================================

マカフィー サポート通信 - リスク管理ソリューション 2011.07.19
==============================================================

本メールはMcAfee Vulnerability Manager製品のサポートをご購入のお客様
に配信しております。

○-======  今週のマカフィー Vulnerability Manager (目次)  =======-○
1) FSL UPDATE
2) OSパッチアップデート
3) 企業向けサポートコミュニティサイトの開設および Twitter サービスの開始について
4) 「サポート通信」登録方法変更のお知らせ

※) マカフィーからのサービス
○-===================================================-○

-------------------------------------------------------
1) FSL UPDATE
-------------------------------------------------------
マカフィーは以下のVulnerability Manager製品のアップデートを提供しています。
最新更新日: 2011-JUL-14

(SUMMARY)

新しいチェック項目 :       1
改善されたチェック項目 :      94
削除されたチェック項目 :       1

 追加・改善されたシグネチャ項目等の詳細は以下の製品ダウンロード
 ページから「McAfee Foundstone Update」の最新版を入手してください。

 http://www.mcafee.com/japan/licensed2/

新しいチェック項目:

* FID #12347 (MS11-055) Microsoft Visio Insecure Library Loading Remote Code Execution (2560847)
    Risk: High

改善されたチェック項目:

  * FID #6492 (MS09-006) Microsoft Windows Kernel Input Validation Vulnerability (958690)
    Recommendation is updated
  * FID #7316 (MS09-065) Win32k NULL Pointer Dereferencing Vulnerability
(969947)
    Recommendation is updated
  * FID #7317 (MS09-065) Win32k Insufficient Data Validation Vulnerability
(969947)
    Recommendation is updated
  * FID #7318 (MS09-065) Win32k EOT Parsing Vulnerability (969947)
    Recommendation is updated
  * FID #7332 (MS09-065) Vulnerabilities In Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947)
    Recommendation is updated
  * FID #7413 (MS09-006) Vulnerabilities In Windows Kernel Could Allow Remote Code Execution (958690)
    Recommendation is updated
  * FID #7681 (MS08-061)Vulnerabilities In Windows Kernel Could Allow Elevation Of Privilege (954211)
    Recommendation is updated
  * FID #9694 (MS10-048) Microsoft Windows Win32k Window Creation Vulnerability (2160329)
    Recommendation is updated
  * FID #9695 (MS10-048) Microsoft Windows Win32k User Input Validation Vulnerability (2160329)
    Recommendation is updated
  * FID #9696 (MS10-048) Microsoft Windows Win32k Exception Handling Vulnerability (2160329)
    Recommendation is updated
  * FID #9697 (MS10-048) Microsoft Windows Win32k Pool Overflow Vulnerability (2160329)
    Recommendation is updated
  * FID #9698 (MS10-048) Microsoft Windows Win32k Bounds Checking Vulnerability (2160329)
    Recommendation is updated
  * FID #12219 (MS11-041) Microsoft Windows Kernel-Mode Drivers Could Allow Remote Code Execution (KB2525694)
    Recommendation is updated
  * FID #12247 (MS11-041) Vulnerability In Windows Kernel-Mode Drivers Could Allow Remote Code Execution (KB2525694)
    Recommendation is updated
  * FID #12323 (MS11-053) Microsoft Windows Bluetooth Stack Error Allow Remote Code Execution (2566220)
    FASLScript is updated
  * FID #12339 (MS11-053) Microsoft Windows Bluetooth Stack Error Allow Remote Code Execution (2566220)
    FASLScript is updated
  * FID #4815 (MS07-021) Microsoft MsgBox (CSRSS) Remote Code Execution Vulnerability (930178)
    Recommendation is updated
  * FID #5061 (MS07-021) Microsoft CSRSS Local Elevation of Privilege Vulnerability (930178)
    Recommendation is updated
  * FID #5805 (MS08-025) Microsoft Windows Kernel Vulnerability (941693)
    Recommendation is updated
  * FID #6169 (MS08-061) Microsoft Windows Kernel Window Creation Vulnerability (954211)
    Recommendation is updated
  * FID #6170 (MS08-061) Microsoft Windows Kernel Unhandled Exception Vulnerability (954211)
    Recommendation is updated
  * FID #6171 (MS08-061) Microsoft Windows Kernel Memory Corruption Vulnerability (954211)
    Recommendation is updated
  * FID #6493 (MS09-006) Windows Kernel Handle Validation Vulnerability
(958690)
    Recommendation is updated
  * FID #6494 (MS09-006) Windows Kernel Invalid Pointer Vulnerability
(958690)
    Recommendation is updated
  * FID #6766 (MS09-025) Microsoft Windows Desktop Parameter Edit Vulnerability (968537)
    Recommendation is updated
  * FID #6767 (MS09-025) Microsoft Windows Driver Class Registration Vulnerability (968537)
    Recommendation is updated
  * FID #6768 (MS09-025) Microsoft Windows Kernel Desktop Vulnerability
(968537)
    Recommendation is updated
  * FID #6769 (MS09-025) Microsoft Windows Kernel Pointer Validation Vulnerability (968537)
    Recommendation is updated
  * FID #7544 (MS09-025) Vulnerabilities In Windows Kernel Could Allow Elevation of Privilege (968537)
    Recommendation is updated
  * FID #7732 (MS08-025) Vulnerability In Windows Kernel Could Allow Elevation Of Privilege (941693)
    Recommendation is updated
  * FID #7855 (MS10-011) Microsoft Windows CSRSS Local Privilege Escalation Vulnerability (978037)
    Recommendation is updated
  * FID #7885 (MS10-011) Vulnerability In Windows Client/Server Run-time Subsystem Could Allow Elevation Of Privilege (978037)
    Recommendation is updated
  * FID #7980 JBoss Web Console Cross-Site Scripting Vulnerability
(CVE-2009-2405)
    Recommendation is updated
  * FID #9063 (MS10-032) Vulnerabilities In Windows Kernel-Mode Drivers Could Allow Remote Code Execution (979559)
    Recommendation is updated
  * FID #9073 (MS10-032) Microsoft Windows Win32k Improper Data Validation Vulnerability (979559)
    Recommendation is updated
  * FID #9074 (MS10-032) Microsoft Windows Win32k Window Creation Vulnerability (979559)
    Recommendation is updated
  * FID #9075 (MS10-032) Microsoft Windows Win32k TrueType Font Parsing Vulnerability (979559)
    Recommendation is updated
  * FID #9722 (MS10-048) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2160329)
    Recommendation is updated
  * FID #10037 (MS10-069) Microsoft Windows CSRSS Local Elevation of Privilege (2121546)
    Recommendation is updated
  * FID #10048 (MS10-069) Vulnerability In Windows Client/Server Runtime Subsystem Could Allow Elevation of Privilege (2121546)
    Recommendation is updated
  * FID #10358 (MS10-073) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)
    Recommendation is updated
  * FID #10360 (MS10-073) Microsoft Windows Win32K Reference Count Privilege Escalation (981957)
    Recommendation is updated
  * FID #10361 (MS10-073) Microsoft Windows Win32K Keyboard Layout Privilege Escalation (981957)
    Recommendation is updated
  * FID #10362 (MS10-073) Microsoft Windows Win32k Window Class Privilege Escalation (981957)
    Recommendation is updated
  * FID #10643 Oracle Database DBMS_JAVA.SET_OUTPUT_TO_JAVA Privilege Escalation Vulnerability
    Recommendation is updated
  * FID #10869 (MS10-098) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2436673)
    Recommendation is updated
  * FID #10898 (MS10-098) Microsoft Windows Win32k Buffer Overflow Could Allow Elevation Of Privilege (2436673)
    Recommendation is updated
  * FID #10899 (MS10-098) Microsoft Windows Win32k Buffer Overflow Could Allow Elevation Of Privilege CVE-2010-3940 (2436673)
    Recommendation is updated
  * FID #10900 (MS10-098) Microsoft Windows Win32k Double Free Could Allow Elevation Of Privilege (2436673)
    Recommendation is updated
  * FID #10901 (MS10-098) Microsoft Windows Win32k WriteAV Could Allow Elevation Of Privilege (2436673)
    Recommendation is updated
  * FID #10902 (MS10-098) Microsoft Windows Win32k Cursor Linking Could Allow Elevation Of Privilege (2436673)
    Recommendation is updated
  * FID #10903 (MS10-098) Microsoft Windows Win32k Memory Corruption Could Allow Elevation Of Privilege (2436673)
    Recommendation is updated
  * FID #11241 (MS11-010) Windows Client/Server Run-time Subsystem Elevation of Privilege (2476687)
    Recommendation is updated
  * FID #11244 (MS11-012) Microsoft Win32k Improper User Input Validation
(2479628)
    Recommendation is updated
  * FID #11245 (MS11-012) Microsoft Win32k Insufficient User Input Validation (2479628)
    Recommendation is updated
  * FID #11246 (MS11-012) Microsoft Win32k Window Class Pointer Confusion
(2479628)
    Recommendation is updated
  * FID #11247 (MS11-012) Microsoft Win32k Window Class Improper Pointer Validation (2479628)
    Recommendation is updated
  * FID #11248 (MS11-012) Microsoft Win32k Memory Corruption (2479628)
    Recommendation is updated
  * FID #11256 (MS11-010) Vulnerability In Windows Client/Server Run-time Subsystem Could Allow Elevation Of Privilege (2476687)
    Recommendation is updated
  * FID #11266 (MS11-012) Vulnerabilities In Windows Kernel-Mode Drivers Could Allow Elevation Of Privilege (2479628)
    Recommendation is updated
  * FID #11770 (MS11-034) Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223)
    Recommendation is updated
  * FID #11791 (MS11-034) Microsoft Win32k Use After Free I (2506223)
    Recommendation is updated
  * FID #11792 (MS11-034) Microsoft Win32k Use After Free II (2506223)
    Recommendation is updated
  * FID #11793 (MS11-034) Microsoft Win32k Use After Free III (2506223)
    Recommendation is updated
  * FID #11794 (MS11-034) Microsoft Win32k Use After Free IV (2506223)
    Recommendation is updated
  * FID #11795 (MS11-034) Microsoft Win32k Use After Free V (2506223)
    Recommendation is updated
  * FID #11796 (MS11-034) Microsoft Win32k Use After Free VI (2506223)
    Recommendation is updated
  * FID #11797 (MS11-034) Microsoft Win32k Use After Free VII (2506223)
    Recommendation is updated
  * FID #11798 (MS11-034) Microsoft Win32k Use After Free VIII (2506223)
    Recommendation is updated
  * FID #11799 (MS11-034) Microsoft Win32k Use After Free IX (2506223)
    Recommendation is updated
  * FID #11800 (MS11-034) Microsoft Win32k Use After Free X (2506223)
    Recommendation is updated
  * FID #11801 (MS11-034) Microsoft Win32k Use After Free XI (2506223)
    Recommendation is updated
  * FID #11802 (MS11-034) Microsoft Win32k Use After Free XII (2506223)
    Recommendation is updated
  * FID #11803 (MS11-034) Microsoft Win32k Use After Free XIII (2506223)
    Recommendation is updated
  * FID #11804 (MS11-034) Microsoft Win32k Use After Free XIV (2506223)
    Recommendation is updated
  * FID #11805 (MS11-034) Microsoft Win32k Use After Free XV (2506223)
    Recommendation is updated
  * FID #11806 (MS11-034) Microsoft Win32k Use After Free XVI (2506223)
    Recommendation is updated
  * FID #11807 (MS11-034) Microsoft Win32k Use After Free XVII (2506223)
    Recommendation is updated
  * FID #11808 (MS11-034) Microsoft Win32k Null Pointer Dereference Privilege Escalation I (2506223)
    Recommendation is updated
  * FID #11809 (MS11-034) Microsoft Win32k Null Pointer Dereference Privilege Escalation II (2506223)
    Recommendation is updated
  * FID #11810 (MS11-034) Microsoft Win32k Null Pointer Dereference Privilege Escalation III (2506223)
    Recommendation is updated
  * FID #11811 (MS11-034) Microsoft Win32k Null Pointer Dereference Privilege Escalation IV (2506223)
    Recommendation is updated
  * FID #11812 (MS11-034) Microsoft Win32k Null Pointer Dereference Privilege Escalation V (2506223)
    Recommendation is updated
  * FID #11813 (MS11-034) Microsoft Win32k Null Pointer Dereference Privilege Escalation VI (2506223)
    Recommendation is updated
  * FID #11814 (MS11-034) Microsoft Win32k Null Pointer Dereference Privilege Escalation VII (2506223)
    Recommendation is updated
  * FID #11815 (MS11-034) Microsoft Win32k Null Pointer Dereference Privilege Escalation VIII (2506223)
    Recommendation is updated
  * FID #11816 (MS11-034) Microsoft Win32k Null Pointer Dereference Privilege Escalation IX (2506223)
    Recommendation is updated
  * FID #11817 (MS11-034) Microsoft Win32k Null Pointer Dereference Privilege Escalation X (2506223)
    Recommendation is updated
  * FID #11818 (MS11-034) Microsoft Win32k Null Pointer Dereference Privilege Escalation XI (2506223)
    Recommendation is updated
  * FID #11819 (MS11-034) Microsoft Win32k Null Pointer Dereference Privilege Escalation XII (2506223)
    Recommendation is updated
  * FID #11836 (MS11-034) Microsoft Win32k Use After Free XVIII (2506223)
    Recommendation is updated
  * FID #4837 (MS07-021) Microsoft CSRSS DoS Vulnerability (930178)
    Recommendation is updated
  * FID #7478 ISC BIND DNSSEC Unauthorized Return Vulnerability
    Risk is updated
  * FID #70014 netbios-helpers.fasl3.inc
    FASLScript is updated

削除されたチェック項目:

  * FID #6648 OpenSSL ASN1_STRING_print_ex Function Denial of Service Vulnerability

-------------------------------------------------------
2) アプライアンス OSパッチアップデート
-------------------------------------------------------
 期間: 2011/07/14 ~ 2011/07/19 (日本時間)

今回のアップデートはございません。

-------------------------------------------------------
3) 企業向けサポートコミュニティサイトの開設および Twitter サービスの開始について
-------------------------------------------------------
○ お知らせ

企業向けサポートコミュニティサイト「Japan Corporate Support」を開設いたしました。
また、「企業向けお客様サポート公式 Twitter」を開設し、サポート情報のリアルタイム
配信を開始しました。

マカフィー、ユーザー参加型の企業向け製品コミュニティサイトをオープン
~サポート部門が主体となり企業セキュリティに関するディスカッションの場を提供~
(4月18日発プレスリリース)
http://www.mcafee.com/japan/about/prelease/pr_11a.asp?pr=11/04/18-1

● 開始日

2011/04/18 (月) 9:00

○ 備考

- 企業向けサポートコミュニティサイト「Japan Corporate Support」
   https://community.mcafee.com/community/japan
   サポート通信や FAQ 掲載情報、製品及びパッチのリリース情報やドキュメントが掲載
   されます。また、製品に関する技術的な情報に関して、コミュニティご登録者が参加
   可能なフリーディスカッションのスペースがございます。

- 企業向けお客様サポート公式 Twitter
   http://twitter.com/McAfee_BTS_JP
   Twitter サービスを利用し、サポート通信や FAQ 掲載情報、製品及びパッチのリリー
   ス情報がリアルタイムで配信されます。

  コミュニティサイトの登録方法、 Twitter のフォロー方法などの詳細につきましては、
  以下のページをご覧ください。
  http://www.mcafee.com/Japan/support/japancorporate.asp

-------------------------------------------------------
4) 「サポート通信」登録方法変更のお知らせ
-------------------------------------------------------
サポート通信の登録方法が下記の通り変更となりましたのでお知らせいたします。

6月1日以降に新規契約をしたお客様には、4種類のサポート通信を配信いたします。各種サ
ポート通信が不要な方は、各サポート通信の文末に記載されているURLにアクセスして、解除
手続きを行っていただきます。

障害などでサポート窓口にお問い合わせいただいた新規のご担当者様には、今までどおり、
「サポート通信 - 登録のご案内」メールを1回のみ配信いたします。
http://www.mcafee.com/japan/support/customer_support/techsupport_regform.asp

---------------------------------------------------------
※ マカフィーからのサービス
---------------------------------------------------------
○マカフィーサポート通信について
- 配信停止
  「マカフィー サポート通信 - リスク管理ソリューション 」の配信停止をご希望される方は、
  以下のページより手続きをお願い致します。
 https://md.pbz.jp/s/r-ctrl.php?act=PCDelAuth&funcinfo_allreset=1&uid=mcafee&mid= foundstone_supp
- 各種法人ユーザ登録情報の変更はこちら
   ⇔ http://www.mcafee.com/japan/support/customer_support/tourokuhenkou.asp

○マカフィーでは、製品の技術的FAQ等多くのサービスや情報提供を行っています。是非ご活用ください。
 http://www.mcafee.com/japan/support/

●===McAfee=============================================○
発信元:
マカフィー株式会社
テクニカルサポートセンター インフォメーション係
(c) 2011 McAfee, Inc. All Rights Reserved.
お客様は,マカフィー株式会社の事前の書面による承諾を得ることなく、
掲載内容の無断転載を禁じます。
○=============================================McAfee===●