On March 31, 2015, Autodesk will be performing an upgrade to their security protocol that will enhance the ability to provide secure access to Autodesk Desktop Subscription products. The upgrade is in response to published information describing the POODLE vulnerability in SSL 3.0, a communication protocol designed to provide security over computer networks. This industry-wide vulnerability is affecting the SSL 3.0 protocol itself and is not specific to Autodesk products
What is happening?
All Autodesk Desktop Subscription 2014 and 2015 products implement SSL 3.0 and are affected by the POODLE vulnerability. Poodle SSLv3 vulnerability is registered in the Common Vulnerabilities and Exposures systems as CVE-2014-366. Therefore, on March 31, 2015, Autodesk will disable SSL 3.0 on our Desktop Subscription authentication servers.
What do you need to do?
If you are a 2014 or 2015 Autodesk Desktop Subscription customer, you will need to follow the instructions below to download a hotfix in order to repair this issue.
Before getting started, please be aware that when SSLv3 is disabled to address the POODLE vulnerability, a customer who hasn’t applied the Licensing hotfix will have the following impacts:
Online License Transfer and online activation will not work on Linux based products
- Error Behavior: Online License Transfer and online activation does not work.
- Who: All versions of all Linux products
Trial promotions will not work for Mac products
- Error Behavior: Customers will not see any ongoing promotions on trial dialog; rather just the trial counter with option to activate.
- Who: All Mac customers running a trial
Desktop Subscription: First Time Login Fail for Windows & Mac products
- Error Behavior: User will receive error message when attempting to login to server for the first time.
- Who: All desktop subs customers who have not yet logged into server for the first time
These failures occur because the server side components have been patched to address the POODLE SSL v3 vulnerability (CVE-2014-3566). The licensing code was depending on SSLv3 and the internet communication fails. The patch updates the licensing client to enable communication using more secure protocols.
Installing the appropriate patch referenced below will resolve these issues:
|All FY14 products (except Smoke 2014 and Maya 2014)||Linux|
|(Mac OS only) AutoCAD 2014, Smoke 2014, Maya 2014||Mac|
|All FY15 products||Linux|
Make sure that all your Autodesk applications are closed.
- Download the appropriate hotfix to your computer.
- Install the hotfix
- Windows:Execute the patch executable by double clicking on the patch. Wait for the installation to complete.
- Linux:Run the command ./installerR9.sh or ./installerR7.sh
- Mac OS:Install the package by running the appropriate pkg (installerR9.pkg, installerR8.pkg or installerR7.pkg).
- Note the hotfix may need to be reinstalled after subsequent installation of other Autodesk product(s).
Important: The following error messages might occur during licensing hotfix installation:
File Access Denied: Unable to update file_name
This error would occur when the file that is being updated is in use, when the product is running while the licensing hotfix is being applied. The licensing hotfix should be applied after all Autodesk products are closed. There are some licensing components that linger for a minute after the application is closed, and it is best to wait for a few minutes before the licensing hotfix is re-applied.
No files found to licensing hotfix. Folder dst_dir was not found.
This error will occur if the wrong licensing hotfix is being applied or if the licensing hotfix is being applied on a computer that does not have the Autodesk product installed. Please verify that the correct licensing hotfix version is being applied and that the computer has the product installed.
Unsupported platform. 64 bit installer is not supported on 32 bit OS. Please download 32 bit installer
The correct licensing hotfix as per the architecture should be used.
If you are still receiving errors or having trouble installing the hotfix, contact Microsol Resources at 888-768-7568 or email email@example.com.