piyokangoɕAn[hEFAƎ㐫NEhݒ͂ǂׂH@CISAJXguKEVCvƂ́H\\[fCāuNfCv΍ցFWF1PVX̂߂̐Ǝ㐫Ǘ^΍̌i2j - IT

piyokangoɕAn[hEFAƎ㐫NEhݒ͂ǂׂH@CISAJXguKEVCvƂ́H\\[fCāuNfCv΍FWF1PVX̂߂̐Ǝ㐫Ǘ^΍̌i2j

܂̎ɑƎ㐫Ǘ^΍݂̍TWuLog4j 2ANEhݒ~XȂ\1PVX̂߂̐Ǝ㐫Ǘ^΍̌vBɑACVfg܂Ƃ߂ċL^upiyologv^cpiyokangoɁAgƎ㐫hǂFׂAĐVȏ\[XlƎ㐫΍݂̍ɂ‚ĕB

» 2022N0902 0500 J
[{cCIT]

̋L͉łBo^ijƑSĂ܂B

@ƎiႭjƑgDɗ^éAz傫Azgʓ|h󋵂ɂBuƎ㐫vƂt̔FAlɂđ傫قȂAΏz肵ĂȂƎ㐫݂”\B

@CVfg܂ƂߋL^upiyologv^cpiyokangóAƎ㐫ɂ܂‚鎖ϑĂBOɑ҂ł́A̒mgƎ㐫hǂFׂAĐVȏ\[XlƎ㐫΍݂̍𕷂B

gn[hEFAh_

\\‚邬ca@ł́AVPN@̐Ǝ㐫_A傫ȎƂȂ܂BCPUɂuSpectrev͂߁An[hEFAуn[hEFAɋ߂̐Ǝ㐫_邱Ƃ邩Ǝv܂B

piyokango@ŋ߂łSpectreɎƎ㐫ƂāAuRetbleedvbɂȂĂ܂BƎ㐫Ή̖ʂƊ̂͂n[hEFAɋNƎ㐫̏񂪖炩ɂȂƂAe󂯂lu҂łvƂӎɂ̂ł͂ȂƂƂłB

@n[hEFA̐Ǝ㐫JꂽꍇA̓n[hEFAx_[Cł̃t@[EFÃAbvf[gJAΉƂȂ킯łAp҂ɒڐi񋟂x_[Ɛi̊J̃x_[قȂꍇ܂Bp҂ɒڐi񋟂x_[ŐṼt@[EFA؂Kv̂ŁAp҂̎ɓn悤ɂȂ܂łɎԂv邱Ƃ܂BĂAbvf[gJꂽƂɂ́AΉ̔[ƂȂbĂ邱ƂAu͂낤HvƂȂĂ܂˂܂B

@܂Windowŝ悤ɎIɃAbvf[gȂꍇ́A\ȎmȂΗp҂Ǝ㐫̏CsȂAΉxꂽ肷邱Ƃ܂B

@‚邬ca@TEFA̔QɑCVfgł́AVPN@̐Ǝ㐫ɋN”\wEĂ܂AƎ㐫2019NɏCłJĂAɂ2021N9VPN@̔F؏񂪗oĂ܂BRƂĎQĂAuZLeB̑ΉA[hvł͂‚邬ca@̊֌W҂ɂ̓̂bfĂ܂B

@̃CVfgʼnۑ1‹ƂVPN@܂ޕێΉ𖾊mɂĂׂƂ_łBҊԂɂČ_͈͂ӔC̕E_ȂǏ\ɐAĂȂ̂ł͂ȂƐ@܂ÃCVfg̈ȑOێǗ\ł͂Ȃ@ɋNZLeBCVfgтыNĂA‚邬ca@قȎł͂ȂƎv܂B̃CVfg𓥂܂AgDœK؂Ȏɔcׂ󂯂ĒS҂ΉłĂ邩ǂɂ‚āg_hׂł͂Ȃł傤B

@܂n[hEFA̐Ǝ㐫̓|[^TCgɃOCČɍs˂΂ȂȂAێ_łȂƏłȂƂ܂܂ł傤B㗝XƂ̃R~jP[VKvɂȂ邱Ƃ܂BuďoĂvƂ̂΂ł܂BƎ㐫ɂuR~jP[V`l@\Ă邩vɂ‚Đقǂ́g_hɉĂv܂B

@‚邬ca@̃CVfgNĂA‚̃ZLeBCVfg̕a@łĂ܂BKɂāA‚邬ca@̂悤ɈÃT[rXւ̒Ԃ̉eĂ킯ł͂ȂA炱̃CVfguE`͑vȂ̂HvƂgĂсA֐SAȌɂ‚Ȃ̂܂BCVfg̑ΉɒǂĂɂ炸ȂgDQlɂłʂAfBAȂǂʂĐϋɓIɌJi߂‚邬ca@̎g݂͑f炵Ǝv܂B

\\\tgEFAƃn[hEFAŁAΉS\ɈႢ܂H

piyokango@ŋ߂ł́AWindowsWebuEUȂǂ̎vȃ\tgEFAł͐Ǝ㐫CAbvf[gAp҂ӎɃZLAȏԂۂ悤ɂȂ܂Bn[hEFAɖڂƁA悤ɗp҂ɈӎȂꂪ‚‚悤Ɋ܂B

@Ⴆ΃u[hoh[^[łAt@[EFÃAbvf[gXV悤ɂȂĂ鐻i܂B̐iȂÅǗ҃pX[hꗥŒł͂ȂAiŗL̃pX[hݒ肳Ă̂唼ł͂Ȃł傤Bߋ̈pɊwԎg݂Ałi߂Ă܂B

@ŗp҂́uAĂ̂Ȃ΁Â܂܂ł悢vƎv邱Ƃł傤BpҎ_ɗĂ΁uʓ|vƂvAbvf[gϋɓIɍs`x[V͂܂Bɂ̎̋@́Aɓ삵ĂꍇAU҉炩̕sȓĂĂCtƂ͂ł܂B̓_ɂẮAn[hEFA͖蔭ւ̋CtK؂ȊǗƊ܂Bɉƒp@ł͐ɓ삷邱ƂD悳AZLeB͓̎ɂȂ肪łB

@̂悤ȃn[hEFA̐Ǝ㐫ϋɓIɑ_󋵂͍낤Ǝv܂BŐVWindowsȂA炩̐Ǝ㐫݂ꍇɈpeɘa΍􂪐iłAU҂Ǝ㐫gčU𐬗邱Ǝ̂ȂĂ邩łB

\\e[NɂāANiЂςjVPN\[XJo[邽߂ɁAÂ@oƂÛɂȂ܂B

piyokango@̑gDVPN@̐Ǝ㐫ɋNCVfg܂A̒łc@HQɑCVfg͊wԂׂ_܂Bc@Hł́AƂƐƎ㐫ΉςłVPN@gpĂ̂łAe[Npɑ΂镉וÛ߂ɁAȑOgpĂ芷Ő@AƎ㐫Cɋ}ғƂŁA2Jɏ񗬏o̔QɑĂ܂܂BuƎ㐫CĂȂ@͂_vƂɂ‚Ă͉߂ĔFȂĂ͂Ȃ܂B

NEhݒ~X́uƎ㐫vH

\\ł́ANEhT[rX̐ݒ~XŁA񂪈Ӑ}J鎖񍐂Ă܂B

piyokango@NEhT[rXgΗeՂɏ񏈗⋤L”\ƂȂA⌇Ȃ̂ƂȂʁAԈႦƁAӐ}ȂlɂgLhĂ܂R܂Bߋɂ́uTrellovSalesforcẽT[rXłAݒsɋNR܂B

@̂悤ȐݒsɋNCVfgNہAT[rX񋟎҂Ɨp҂̊ԂŖ݂̏F킹Jn邱ƂN蓾܂BݒsŋN̓T[rX́uƎ㐫vƈ̂Ap҂́usӁv̂B݂̔F̊u肪傫΁A}ɂׂΉɎԂvĂ܂˂܂BNEhT[rX͒񋟂鎖Ǝ҂Ǝ㐫C܂̂ŁAZLAȏԂۂ܂A@\ljAύXĂ̂ŗp҂̓ecĂKv܂BuCtςĂvƂȂȂ悤AT[rX񋟂鎖Ǝ҂ƗpҊԂ̃R~jP[V͓ɏdvłB

@ɗp҂ɂĂAgDɂƎ㐫ΉƂāÂ悤ȋ@\ύXɋN肪mɊ܂܂̂ǂOĂ܂B͎ςł͂܂ANEhT[rX̐ݒɋŃA݉΃CVfgƂĈ”\͂̂́ARɖh~邽߂ɁuƎ㐫vƂđAWAΉĂgD͑Ȃ̂ł͂ȂƎvĂ邩łB

CISAJ郊Xgɒڂ

\\ŋ߁ACISAič̃TCo[ZLeBЉՈSۏᒡj́um̈pꂽƎ㐫ꗗvڂĂ܂ˁB

piyokango@CISAA2021N113^pn߂uKnown Exploited Vulnerabilities Catalogvim̈pꂽƎ㐫ꗗFȉAKEVCj́ACISApFƎ㐫܂Ƃ߂XgłBudȃXN̂Ǝ㐫̂Am̂̂K؂ɑΉvƂړIōsĂAuBinding Operational Directive 22-01vɔ͂Ȏg݂łBɂ́uDue Datevݒ肳ĂAč{@ւ͎w肳ꂽ܂łɐƎ㐫ւ̑Ής܂邱Ƃ߂܂B

@CISA͐Ǝ㐫̈pmFĂ24ԈȓɁAJ^Oɒlj悤ɉ^pĂ܂B݁i2022N8̃C^r[_jł794̐Ǝ㐫܂܂ĂAuAdobe Flash PlayervuMicrosoft Silverlightv܂ށANȏOɌ\ꂽƎ㐫XgAbvĂApmFĂƎ㐫ɑ΂āAx̖ԗđΉ󋵂mFۂɎQlƂȂ̂ł͂Ȃł傤B

\\uɁAĂقvƂ_͂܂H

piyokango@uBinding Operational Directive 22-01vɂ́ÃXgɊւFAQLڂĂAuCISAǂ̂悤ɃJ^O^pĂ邩vɂ‚Ă̍lqׂĂ߂܂B܂łʐƎ㐫]VXeuCVSSviCommon Vulnerability Scoring Systemj͂߁AƎ㐫]wW܂AƎ㐫̑Ήł́A̓ŏÎł͂ȂǍuǂfđΉׂvdvłBłX\AʂɂƎ㐫̒D悵đΉׂ̂ǂȂ̂AgA[Wɑ΂l͉Iȉ͂ȂAƂYޕłB

@CISA͐FAQŁu2019Nȍ~̐Ǝ㐫̂ApĂ̂CVEiCommon Vulnerabilities and Exposuresj4vƂf[^񎦂Ă܂BupĂ邩ǂgA[W̊ϓ_ƂďdvvƁAFAQŏqׂĂ̂łB

udvx̐Ǝ㐫Ɗm̈pƎ㐫AǂɏC邱ƂdvHvƂ_ɊւAKEVČƂȂuBinding Operational Directive 22-01vł́um̈pꂽƎ㐫ŗDɂׂvƉ񓚂Ă

@KEVČJ̓Xgɒlj锻fubN{bNXłAFAQNjLA܂Ŏ̒ŋ^ɎvĂ_܂BKEVC͊ɑ̎҂璍ڂĂłAPɁu֗XgvƑ邾ł́uȂvƎv܂BЁAFAQ܂ĂpƎv܂B

\\KEVCŁAɒӓ_͂܂H

piyokango@͂FAQƕ̂łAKEVCɌfڂɂ́uCVE̔ԂĂ邱ƁvupĂƂMłF邱ƁvAĈԏdvȂ̂́uXVvOJĂ邱ƁvłBԂ΁Au[fCvƌ悤ȁACi݂ĂȂƎ㐫͌fڂ܂B

@ŋߘbɂȂuMicrosoft Support Diagnostic ToolviMSDTjɊւƎ㐫uCVE-2022-34713v2022N89KEVCɌfڂ܂A̐Ǝ㐫6{ɂ͘bɂȂĂ̂ŁA΂炭̊KEVCɌfڂȂƂ܂B̂߁AKEVCĂ܂ƁÂ悤ȐƎ㐫̑ΉŌ܂B̓_ɂĂAFAQǂłAJ^OɒljlmĂ悢ł傤B

@܂ÃXg͕č@ւoĂ̂łB{ł́uJVNviJapan Vulnerability NotesjƂƎ㐫֘A܂Ƃ߂TCg܂AlIɂ͓{ŎɗpĂ\tgEFA̐Ǝ㐫܂Ƃ߂Au{KEVCvĂ悢̂ł͂ȂƎvĂ܂B

[fCAāuNfCv\\xƎ㐫芪Њ‹

\\Ǝ㐫̑΍ŁAƁAgDɌĂق͂܂H

piyokango@ACeBfBAŊJÂZ~i[łJԂGĂ܂AƎ㐫̑΍ǗudvĂȂǂɂ‚Č_ĂقƎv܂B

@WXƑΉłdg݂ĂgDƎv܂AƎ㐫Ǘupb`ǗvƑĂ܂ƁA\tgEFA̐Ǝ㐫C邱Ƃ݂̂ړIƂȂĂ܂AVPN@Ȃǃn[hEFAANEhT[rX̐ݒɋNȂǁAupb`Ǘv͈̔͂ɓĂȂ”\̂gL`̐Ǝ㐫hRĂ܂˂܂B̃C^r[ł͓xXu_vƂ邳Ă܂AЂmFƎv܂B

@܂Am̐Ǝ㐫pu[fCUvȏɁACpb`Jꂽpb`Kp܂ł̊ԂɍU󂯂uNfCUvւ̑΍ӎĂƎv܂Bł͏Cpb`̉͂U@؂铮ȂǁAmƂȂƎ㐫ϋɓIɌĂ܂AقǎグgA[W΁ANfCU󂯂”\ɋyт܂BƎ㐫ƁupĂvƂK؂ɓ肵A󋵂ɉgA[W”\Ƃ̐𐮂AKvȂ΂͂Ή𑁂߂Ȃǂ̔fł悤ɔĂKvł傤B

WFLog4j 2ANEhݒ~XȂ\1PVX̂߂̐Ǝ㐫Ǘ^΍̌

Log4j 2̌[ɁAĂѐԂ𑛂\tgEFA̐Ǝ㐫BAƂƐƎ㐫Ƃ̂́AOSSɌ炸Ap\tgEFAA[^[⃁Ȃǂ̃n[hEFAƁAƂɑ݂Bpb`𓖂ĂȂǂ̑΍{ĂAǂ납XVȐƎ㐫đ悤ȕ񓹂₽ȂBނNEh̐ݒ~XR[fBO~XAeXgsȂǁAlVȐƎ㐫XƍoĂƂĂߌł͂ȂBl肪ȂƂ̏VXe͓Ẍ^pɎ肢ςŁAƎ㐫Ǘđ΍uƂ܂œȂ̂ł͂Ȃ낤B{Wł́AƎ㐫芪߂ĐA̎ɑƎ㐫Ǘ^΍݂̍TB


Copyright © ITmedia, Inc. All Rights Reserved.

X|T[̂m点PR

ڂ̃e[}

4AI by IT - AIAAA
Microsoft WindowsőO2025
AI for GWjAO
[R[h^m[R[h Zg by IT - ITGWjArWlX̒SŊ􂷂gD
Cloud Native Central by IT - XP[uȔ\͂gD
VXeJmEnE yirzPR
Ȃɂ߂̋LPR

@ITɂ‚

RSSɂ‚

ACeBfBAIDɂ‚

[}KWo^

IT̃[}KẂA AׂĖłBЃ[}KWwǂB