Cyber security news for all

More

    Microsoft and Autodesk have released new security recommendations

    Microsoft and Autodesk have released security updates for software that accesses the Autodesk program library. Microsoft has also released security advisories for an update of the Autodesk FBX Library and for an OpenSSL Remote Denial of Service vulnerability. It is an unscheduled security update that fixes remote code execution vulnerabilities in an Autodesk FBX library that is integrated with Microsoft Office and 3D applications.

    The whole thing has been known since March 2020.Microsoft has changed the days of the download links and this is communicated to a security advisory.

    The closed security gaps originally came from the FBX Software Development, which was used to create the program library. All FBX versions are affected by this .Thus potentially also software projects that use these SDK versions. Attackers could have used the vulnerabilities remotely to obtain the same access rights to the respective system as the currently logged in user. To do this, they would first have to open a specifically prepared file with 3D content in one of the vulnerable programs.

    AutoDesk published the security recommendation in the previous week. Some of these vulnerabilities are suitable for executing injected code, the other vulnerabilities are DoS vulnerabilities. Developers can find the updated SDK on the FBX website.

    Corresponding Security Updates

    Microsoft announces the availability of corresponding security updates. Another security recommendation concerns OpenSSL. There was also an update for Edge recently.

    Microsoft security recommendation warns of a publicly known DoS vulnerability in OpenSSL. The vulnerability was eliminated in OpenSSL too. Microsoft says that Windows is not affected. Rather, Microsoft’s warning is that third parties may be running virtual machines on the platform that run other software that uses OpenSSL.

    Microsoft Rates The Unscheduled Updates As Important

    Users should therefore update the respective software as soon as possible. Administrators should  also install the security update to protect against the vulnerability.

    Recent Articles

    Manchester United have been blackmailed by cyber attackers

    The Premier League club Manchester United fell victim to a cyber attack according to the Daily Mail. The cyber criminals are apparently demanding ransom in...

    TikTok has fixed a serious security gap issue

    TikTok accounts paid a researcher a reward of 4000 dollars after he reported two vulnerabilities as part of a disclosure. A combination of both...

    Passwords should be changed for Fortinet VPNs

    Administrators should change the access for Fortinet VPNs in use. Log-in information for almost 50,000 VPN networks has appeared in various cyber blogs. A security...

    Twitter confirmed to bring back account verification

    Twitter is bringing back verifications for the account verification in the beginning of 2021. Certain users will then be given a control mark again,...

    350,000 Spotify users were hacked

    At the beginning of July this year, security researchers discovered an unsecured database that contained access and other information from 350,000 Spotify users. Spotify...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox