For some time now, the 3ds Max user community has been impacted by some 3rd party script snippets we’ll call ALC and CRP, which spread to 3ds Max installations by saving themselves into scene files that get shared. Users affected by ALC and CRP experience broken undo functionality, deletion of lights, cameras and materials, which leads to instability and data loss. The origin of these scripts is unknown. For more information, please visit the Autodesk Knowledge Network articles on ALC and CRP Given the negative impact they have on our users, we have developed automated tools that protect against them called “3ds Max Security Tools”. These tools are available starting with 3ds Max 2019.2 Update.

Once you install and start 3ds Max 2019.2 Update, you will have to consent to allowing the security tools to look for the corruption causing 3rd party scripts through your startup scripts. We strongly recommend leaving the security tools enabled even if you haven’t been affected by ALC and CRP.

Figure 1 - 3ds Max Security Tools startup consent dialog The security tools are like a vaccine against ALC and CRP: the more users get vaccinated the less the problem can spread, and eventually is eradicated.



Here is some useful information about the 3ds Max Security Tools:

Although it was designed to provide immunity against ALC and CRP, and to make it hard for the user to save scene files that carry them, it will not lock out the user from using 3ds Max





Cleanup actions to the startup scripts and to the in-memory scene require user consent. The following is an example of the CRP cleanup tool requesting user consent to remove the corruption: Figure 2 - User consent dialog to clean CRP from current scene



Figure 2 - User consent dialog to clean CRP from current scene The security tools will keep the 3ds Max startup script environment and its process space free of the ALC and CRP corruptions. On the other hand, corrupted scene that were cleaned by the security tools, will need to be saved by the user to the desired location and in the desired format (perhaps using a Save To Previous operation to maintain the scene’s compatibility with a previous version of 3ds Max)

When 3ds Max runs in quiet mode, or when command line rendering or batch scripting, the security tools will default to detecting and cleaning if they are enabled.

All actions taken by the security tools are being logged to the system log (Max.log)

The following best practices can also help protect yourself against potentially malicious code:

Don’t run 3ds Max with elevated privileges

Leave User Account Control (UAC) enabled

Install 3ds Max to its default location (C:\Program Files\Autodesk\3ds Max <year>)

Only execute trusted plugins and scripts; look for a valid digital signature

Keep your virus definition up-to-date

We are committed to keeping our users safe and secure from corruption causing and malicious code by continuously improving the security tools that debuted in 3ds Max 2019 Update 2.

As always, we welcome your thoughts, and look forward hearing from you.

The 3ds Max product team.