Cyber security news for all

More

    Microsoft and Autodesk have released new security recommendations

    Microsoft and Autodesk have released security updates for software that accesses the Autodesk program library. Microsoft has also released security advisories for an update of the Autodesk FBX Library and for an OpenSSL Remote Denial of Service vulnerability. It is an unscheduled security update that fixes remote code execution vulnerabilities in an Autodesk FBX library that is integrated with Microsoft Office and 3D applications.

    The whole thing has been known since March 2020.Microsoft has changed the days of the download links and this is communicated to a security advisory.

    The closed security gaps originally came from the FBX Software Development, which was used to create the program library. All FBX versions are affected by this .Thus potentially also software projects that use these SDK versions. Attackers could have used the vulnerabilities remotely to obtain the same access rights to the respective system as the currently logged in user. To do this, they would first have to open a specifically prepared file with 3D content in one of the vulnerable programs.

    AutoDesk published the security recommendation in the previous week. Some of these vulnerabilities are suitable for executing injected code, the other vulnerabilities are DoS vulnerabilities. Developers can find the updated SDK on the FBX website.

    Corresponding Security Updates

    Microsoft announces the availability of corresponding security updates. Another security recommendation concerns OpenSSL. There was also an update for Edge recently.

    Microsoft security recommendation warns of a publicly known DoS vulnerability in OpenSSL. The vulnerability was eliminated in OpenSSL too. Microsoft says that Windows is not affected. Rather, Microsoft’s warning is that third parties may be running virtual machines on the platform that run other software that uses OpenSSL.

    Microsoft Rates The Unscheduled Updates As Important

    Users should therefore update the respective software as soon as possible. Administrators should  also install the security update to protect against the vulnerability.

    Recent Articles

    Judge issues injunction against WeChat

    The US government wanted to take action against the app WeChat. A judge stood sideways. The app should disappear from the platforms in the...

    Mail provider Tutanota becomes target of cyber attacks

    Over the weekend, ongoing DDoS attacks and an infrastructure problem resulted in downtime for hundreds of users. While some were able to mitigate most...

    Amazon accounts are the new target of cyber criminals

    Amazon is a popular target for cyber criminals who want to exploit the trust and image of the company among its customers with emails....

    Hackers stole thousands of passport data in Argentina

    In response to millions of dollars ransom refused by the Argentine Immigration Service, a ransomware group released passport data from hundreds of thousands of...

    USA wants to improve cybersecurity of space systems

    CISA has published a table this week that summarizes Chinese activities against cybersecurity. Some attacks have succeeded and enabled hackers to gain a foothold...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox