Security News > 2020 > April > Microsoft Issues Out-Of-Band Security Update For Office, Paint 3D
Microsoft has released an out-of-band security update for Microsoft Office, Office 365 ProPlus and Paint 3D. The applications are affected by multiple Autodesk vulnerabilities that, if exploited, could enable remote code execution.
"Remote code execution vulnerabilities exist in Microsoft products that utilize the FBX library when processing specially crafted 3D content," according to Microsoft's Tuesday advisory.
Affected products include Office 365 ProPlus, which is Microsoft's subscription that comes with premium apps like Word, Excel, PowerPoint, Outlook and Teams; as well as Paint 3D, Microsoft's 3D modeling and printing application.
Microsoft Office 2016 and Microsoft Office 2019 are also impacted.
The security updates addresses these vulnerabilities by correcting the way 3D content is handled by Microsoft software.
News URL
https://threatpost.com/microsoft-issues-out-of-band-security-update-for-office-paint-3d/155016/
Related news
- Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security (source)
- Microsoft discloses Office zero-day, still working on a patch (source)
- Microsoft discloses unpatched Office flaw that exposes NTLM hashes (source)
- Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure (source)
- Microsoft patches scary wormable hijack-my-box-via-IPv6 security bug and others (source)
- Microsoft patches scary wormable hijack-my-box-via-IPv6 security bug and others (source)
- Microsoft disables BitLocker security fix, advises manual mitigation (source)
- Microsoft security tools questioned for treating employees as threats (source)
- Microsoft hosts a security summit but no press, public allowed (source)
- Microsoft Office 2024 to disable ActiveX controls by default (source)