Security News > 2020 > April > Microsoft Issues Out-Of-Band Security Update For Office, Paint 3D
Microsoft has released an out-of-band security update for Microsoft Office, Office 365 ProPlus and Paint 3D. The applications are affected by multiple Autodesk vulnerabilities that, if exploited, could enable remote code execution.
"Remote code execution vulnerabilities exist in Microsoft products that utilize the FBX library when processing specially crafted 3D content," according to Microsoft's Tuesday advisory.
Affected products include Office 365 ProPlus, which is Microsoft's subscription that comes with premium apps like Word, Excel, PowerPoint, Outlook and Teams; as well as Paint 3D, Microsoft's 3D modeling and printing application.
Microsoft Office 2016 and Microsoft Office 2019 are also impacted.
The security updates addresses these vulnerabilities by correcting the way 3D content is handled by Microsoft software.
News URL
https://threatpost.com/microsoft-issues-out-of-band-security-update-for-office-paint-3d/155016/
Related news
- Microsoft overhauls security for publishing Edge extensions (source)
- Microsoft Office 2024 now available for Windows and macOS users (source)
- Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild (source)
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- Microsoft warns it lost some customer's security logs for a month (source)
- Microsoft lost some customers’ cloud security logs (source)
- Microsoft Entra "security defaults" to make MFA setup mandatory (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)