{"id":14178,"date":"2020-04-22T11:45:53","date_gmt":"2020-04-22T09:45:53","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=14178"},"modified":"2023-04-04T21:06:47","modified_gmt":"2023-04-04T19:06:47","slug":"microsoft-security-advisories-zum-14-und-21-april-2020","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2020\/04\/22\/microsoft-security-advisories-zum-14-und-21-april-2020\/","title":{"rendered":"Microsoft Security Advisories April 14, and 21, 2020"},"content":{"rendered":"

[German<\/a>]Microsoft has published Security Advisories for a critical RCE vulnerability (CVE-2020-0905) in Microsofts Dynamics Business Central. And there are security advisories for an update to the Autodesk FBX Library and for an OpenSSL Remote Denial of Service vulnerability.<\/p>\n

<\/p>\n

RCE vulnerability in Dynamics Business Central<\/h2>\n

\"\"The vulnerability has been known since March 2020 \u2013 but Microsoft has changed recently the download links and this has been communicated with a security advisory. Here is the information.<\/p>\n

Title: Microsoft Security Update Releases
\nIssued: April 14, 2020
\n***************************************
\nCVE CVE-2020-0905 has undergone a major revision increment:
\nRevision Information:<\/p>\n

CVE-2020-0905<\/a> | Dynamics Business Central Remote Code Execution Vulnerability
\n–\u00a0 – Version: 2.0
\n– Reason for Revision: In the Security Updates table, corrected the Download links for
\nthe following products: Microsoft Dynamics NAV 2018, Microsoft Dynamics 365 BC On
\nPremise, Dynamics 365 Business Central 2019 Spring Update,
\nand Dynamics 365 Business
\nCentral 2019 Release Wave 2 (On-Premise). Customers who are running one of these
\naffected versions of Microsoft Dynamics should ensure that they have downloaded and
\ninstalled the most recent updates to be protected from this vulnerability.
\n– Originally posted: March 10, 2020
\n– Updated: April 14, 2020
\n– Aggregate CVE Severity Rating: Critical<\/p>\n

Administrators should install the security update to be protected against the RCE vulnerability.<\/p>\n

Update for Autodesk FBX Library<\/h2>\n

In a Security Advisory Notification dated April 21, 2020, Microsoft refers to an update for its Autodesk FBX library. Here are the details:<\/p>\n

* Microsoft Security Advisory ADV200004<\/p>\n

ADV200004<\/a> | Availability of updates for Microsoft software utilizing the
\nAutodesk FBX library
\n–\u00a0 – Reason for Revision: Information published.
\n– Originally posted: April 21, 2020
\n– Updated: N\/A
\n– Version: 1.0<\/p>\n

This is an out-of-band security update that fixes remote code execution vulnerabilities in an Autodesk FBX library that is integrated with Microsoft Office and Paint 3D applications. Bleeping Computer has posted an article on the topic here<\/a>.<\/p>\n

OpenSSL Remote Denial of Service vulnerability<\/h2>\n

OpenSSL contains a remotely exploitable Denial of Service vulnerability pointed out by Microsoft in a security advisory dated April 21, 2020.<\/p>\n

* Microsoft Security Advisory ADV200007<\/p>\n

ADV200007<\/a> | OpenSSL Remote Denial of Service Vulnerability-
\n– Reason for Revision: Information published.
\n– Originally posted: April 21, 2020
\n– Updated: N\/A
\n– Version: 1.0<\/p>\n","protected":false},"excerpt":{"rendered":"

[German]Microsoft has published Security Advisories for a critical RCE vulnerability (CVE-2020-0905) in Microsofts Dynamics Business Central. And there are security advisories for an update to the Autodesk FBX Library and for an OpenSSL Remote Denial of Service vulnerability.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,1547,22],"tags":[2400,2401,2399,69,1544],"class_list":["post-14178","post","type-post","status-publish","format-standard","hentry","category-security","category-software","category-update","tag-adv200004","tag-adv200007","tag-cve-2020-0905","tag-security","tag-software"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/14178","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=14178"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/14178\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=14178"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=14178"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=14178"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}