Trend Micro Security

MS10-097:インターネット接続のサインアップ ウィザードの安全でないライブラリのロードにより、リモートでコードが実行される (2443105)

  危険度: :
  CVE識別番号: CVE-2010-3144

  概要

This update resolves a vulnerability in the Internet Connection Signup Wizard of Microsoft Windows, which could allow remote code execution. This exploit works if a user opens an .ins or .isp file located in the same network folder as a specially crafted library file. More specifically, this update addresses the vulnerability by correcting the manner by which the Internet Connection Signup Wizard loads external libraries.

  トレンドマイクロの対策

  対応方法

  影響を受けるソフトウェア

  • Windows XP Service Pack 3
  • Windows XP Professional x64 Edition Service Pack 2
  • Windows Server 2003 Service Pack 2
  • Windows Server 2003 x64 Edition Service Pack 2
  • Windows Server 2003 with SP2 for Itanium-based Systems