{"id":230962,"date":"2020-04-22T11:32:35","date_gmt":"2020-04-22T09:32:35","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=230962"},"modified":"2022-01-26T05:23:05","modified_gmt":"2022-01-26T04:23:05","slug":"microsoft-security-advisories-zum-14-und-21-april-2020","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2020\/04\/22\/microsoft-security-advisories-zum-14-und-21-april-2020\/","title":{"rendered":"Microsoft Security Advisories zum 14. und 21. April 2020"},"content":{"rendered":"

[English<\/a>]Noch ein kurzer Hinweis f\u00fcr Administratoren, die Microsofts Dynamics Business Central einsetzen. In dieser gibt es als kritisch eingestufte RCE-Schwachstelle CVE-2020-0905. Zudem hat Microsoft Security Advisories f\u00fcr ein Update der Autodesk FBX Library und f\u00fcr eine OpenSSL Remote Denial of Service Schwachstelle ver\u00f6ffentlicht<\/p>\n

<\/p>\n

RCE-Schwachstelle in Dynamics Business Central<\/h2>\n

\"\"Das Ganze ist schon seit M\u00e4rz 2020 bekannt \u2013 Microsoft hat die Tage aber die Download-Links ge\u00e4ndert und das ist einem Security Advisory mitgeteilt. Hier die Information.<\/p>\n

Title: Microsoft Security Update Releases
\nIssued: April 14, 2020
\n***************************************
\nCVE CVE-2020-0905 has undergone a major revision increment:
\nRevision Information:<\/p>\n

CVE-2020-0905<\/a> | Dynamics Business Central Remote Code Execution Vulnerability
\n–\u00a0 – Version: 2.0
\n– Reason for Revision: In the Security Updates table, corrected the Download links for
\nthe following products: Microsoft Dynamics NAV 2018, Microsoft Dynamics 365 BC On
\nPremise, Dynamics 365 Business Central 2019 Spring Update,
\nand Dynamics 365 Business
\nCentral 2019 Release Wave 2 (On-Premise). Customers who are running one of these
\naffected versions of Microsoft Dynamics should ensure that they have downloaded and
\ninstalled the most recent updates to be protected from this vulnerability.
\n– Originally posted: March 10, 2020
\n– Updated: April 14, 2020
\n– Aggregate CVE Severity Rating: Critical<\/p>\n

Administratoren sollten das Sicherheitsupdate installieren, um gegen die RCE-Schwachstelle gesch\u00fctzt zu sein.<\/p>\n

Update der Autodesk FBX Library<\/h2>\n

In einer Security Advisory Notification vom 21. April 2020 weist Microsoft auf ein Update f\u00fcr seine Autodesk FBX-Bibliothek hin. Hier die Details:<\/p>\n

* Microsoft Security Advisory ADV200004<\/p>\n

ADV200004<\/a> | Availability of updates for Microsoft software utilizing the
\nAutodesk FBX library
\n–\u00a0 – Reason for Revision: Information published.
\n– Originally posted: April 21, 2020
\n– Updated: N\/A
\n– Version: 1.0<\/p>\n

Es ist ein au\u00dferplanm\u00e4\u00dfiges Sicherheitsupdate, das Sicherheitsl\u00fccken bei der Remote-Codeausf\u00fchrung in einer Autodesk FBX-Bibliothek behebt, die in Microsoft Office und Paint 3D-Anwendungen integriert ist. Bleeping Computer hat hier einen Artikel<\/a> zum Thema ver\u00f6ffentlicht.<\/p>\n

OpenSSL Remote Denial of Service-Schwachstelle<\/h2>\n

In OpenSSL gibt es eine Remote ausnutzbare Denial of Service-Schwachstelle, auf die Microsoft in einem Security Advisory vom 21. April 2020 hinweist.<\/p>\n

* Microsoft Security Advisory ADV200007<\/p>\n

ADV200007<\/a> | OpenSSL Remote Denial of Service Vulnerability-
\n– Reason for Revision: Information published.
\n– Originally posted: April 21, 2020
\n– Updated: N\/A
\n– Version: 1.0<\/p>\n","protected":false},"excerpt":{"rendered":"

[English]Noch ein kurzer Hinweis f\u00fcr Administratoren, die Microsofts Dynamics Business Central einsetzen. In dieser gibt es als kritisch eingestufte RCE-Schwachstelle CVE-2020-0905. Zudem hat Microsoft Security Advisories f\u00fcr ein Update der Autodesk FBX Library und f\u00fcr eine OpenSSL Remote Denial of … Weiterlesen →<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[426,7459],"tags":[8024,8025,8023,4328,3836],"class_list":["post-230962","post","type-post","status-publish","format-standard","hentry","category-sicherheit","category-software","tag-adv200004","tag-adv200007","tag-cve-2020-0905","tag-sicherheit","tag-software"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/230962","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=230962"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/230962\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=230962"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=230962"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=230962"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}