Tuesday, March 9, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Microsoft issues out-of-band Office and Paint 3D security updates to stop 3D graphic attack

April 22, 2020
in Internet Security
Microsoft issues out-of-band Office and Paint 3D security updates to stop 3D graphic attack
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Microsoft has released important security updates for Office, Office 365 ProPlus, and Paint 3D products to address multiple newly disclosed bugs in Autodesk’s library for the FBX file format for 3D animations. 

The updates affect Microsoft products that integrate the Autodesk FBX 3D library, which include Microsoft Office 2016 Click-to-Run (C2R) for 32-bit and 64-bit editions, Microsoft Office 2019 for 32-bit and 64-bit editions, and Office 365 ProPlus for 32-bit and 64-bit systems, as well as Paint 3D. 

You might also like

Ezviz C3X outdoor security camera review: Simple setup, superb features Review

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks

McAfee sells its enterprise business to private equity group as it focuses on consumer security

While the fixes are only rated ‘important’, the vulnerabilities in the Autodesk FBX library do allow remote code execution on affected products. 

However, to exploit the bugs, the attacker would send victims a malicious 3D FBX file and trick them into opening it. 

The attacker would then gain the same user rights as the local user. Microsoft notes that accounts with fewer rights on the system could be less affected than those with administrative rights. 

Autodesk, the maker of the widely-used AutoCAD software, revealed in an advisory last Wednesday that applications and services that use the FBX-SDK Version 2020.0 or earlier are affected by buffer overflow, type confusion, use-after-free, integer overflow, NULL pointer dereference, and heap overflow vulnerabilities.   

The vulnerabilities are tracked as CVE-2020-7080, CVE-2020-7081, CVE-2020-7082, CVE-2020-7083, CVE-2020-7084, and CVE-2020-7085. 

Max Van Amerongen, an F-Secure researcher reported CVE-2020-7085, the heap overflow bug, to Autodesk. He’s posted a video demonstration of his proof-of-concept exploit for the bug on Twitter. 

The bugs affected several other Autodesk products, including AutoCAD, Maya, Motion Builder, Mudbox, 3ds Max, Fusion, Revit, Infraworks, and Navisworks.  

Autodesk also thanked the Microsoft Security Response Center Vulnerabilities and Mitigations Team for their partnership. 


Credit: Zdnet

Previous Post

Chinese Hackers Using New iPhone Hack to Spy On Uyghur Muslims

Next Post

Looking At The Numbers in COVID-19 - Machine Learning Times

Related Posts

Ezviz C3X outdoor security camera review: Simple setup, superb features Review
Internet Security

Ezviz C3X outdoor security camera review: Simple setup, superb features Review

March 9, 2021
Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks
Internet Security

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks

March 9, 2021
McAfee sells its enterprise business to private equity group as it focuses on consumer security
Internet Security

McAfee sells its enterprise business to private equity group as it focuses on consumer security

March 9, 2021
Everything you need to know about Microsoft Exchange Server hack
Internet Security

Everything you need to know about Microsoft Exchange Server hack

March 8, 2021
Bill establishing cyber abuse takedown scheme for adults enters Parliament
Internet Security

eSafety defends detail of Online Safety Bill as the ‘sausage that’s being made’

March 8, 2021
Next Post
Looking At The Numbers in COVID-19 – Machine Learning Times

Looking At The Numbers in COVID-19 - Machine Learning Times

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Ezviz C3X outdoor security camera review: Simple setup, superb features Review
Internet Security

Ezviz C3X outdoor security camera review: Simple setup, superb features Review

March 9, 2021
Operationalizing AI – Introduction to the ModelOps Pipeline
Data Science

Operationalizing AI – Introduction to the ModelOps Pipeline

March 9, 2021
SCA invests in Australian AI and machine learning company
Machine Learning

SCA invests in Australian AI and machine learning company

March 9, 2021
How Image Annotation Helps in AI Development for Agriculture Sector? | by ANOLYTICS
Neural Networks

How Image Annotation Helps in AI Development for Agriculture Sector? | by ANOLYTICS

March 9, 2021
Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks
Internet Security

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks

March 9, 2021
Malware Can Exploit New Flaw in Intel CPUs to Launch Side-Channel Attacks
Internet Privacy

Malware Can Exploit New Flaw in Intel CPUs to Launch Side-Channel Attacks

March 9, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Ezviz C3X outdoor security camera review: Simple setup, superb features Review March 9, 2021
  • Operationalizing AI – Introduction to the ModelOps Pipeline March 9, 2021
  • SCA invests in Australian AI and machine learning company March 9, 2021
  • How Image Annotation Helps in AI Development for Agriculture Sector? | by ANOLYTICS March 9, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates