• Microsoft releases out-of-band patch for Office 2016 Click-to-Run, Office 2019, and Office 365 ProPlus (now known as Microsoft 365 Apps for enterprise)

    Even Microsoft didn’t get the name change.

    Security Advisory ADV200004, Availability of updates for Microsoft software utilizing the Autodesk FBX library, describes a handful of out-of-band security patches for various Office click-to-run versions.

    The security holes originate with the Autodesk FBX library, which is buried inside various Office products. (FBX, in case you were wondering, is Autodesk’s file format for animated 3D images.)

    Here are the affected products, according to the Security Advisory:

    • Office 2016 Click-to-Run
    • Office 2019 (which is only available as Click-to-Run – thx, @b)
    • Office 365 ProPlus
    • Paint 3D

    Of course, you’re savvy enough to know that Office 365 ProPlus has officially been renamed to “Microsoft 365 Apps for enterprise” — but don’t tell Microsoft that.

    The bug is marked with a Severity of “Important,” which means it isn’t really all that important. If you have a habit of opening dodgy 3D animation files, watch out. Otherwise, you’re fine.

    Carry on. And stay home.