OpenOffice users urged to apply security fixes

Further reading

Both vulnerabilities affect all versions of OpenOffice prior to the 2.4.2 release. The recently-unveiled OpenOffice 3.0 release is not believed to be at risk from either vulnerability.

The flaws centre on the way OpenOffice handles certain file types. An attacker could use a specially-crafted WMF or EMF file to cause a heap overflow error that would then leave the attacker able to execute malicious code on the targeted system.

No working exploit for either vulnerability is thought to exist in the wild. Credit for the discovery of both flaws was given to an anonymous researcher operating out of Chinese security firm SureRun.

The French Security Incident Response Team (FrSIRT) has rated both flaws as critical, the highest of its four alert levels. Both FrSIRT and the US Computer Emergency Response Team are advising users to update their copies of OpenOffice to remove the vulnerabilities.

Do you agree?

Add your comment

Your name:
Your email address:	We won't publish your address
Your comment title:
Your comment:	By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.

Submit your comment

Get the latest news headlines direct to your inbox

The workplace of the future poll - in association with IBM

What will be the biggest change to corporate technology in the future?

Remote or home working will be the norm

89%

Business IT will all be run in the cloud

Social networking will overtake all other forms of communication

Bring your own device will be standard

Keyboards will be replaced by speech-to-text

Features

Quick guide to cookie law compliance

ICO sends out mixed messages on cookie law

HP's loss of Autonomy founder Mike Lynch could be UK tech sector's gain

EMC World: Big data evolves into data science

More features

Commuters waiting on platform of underground station

TFL prepares to monitor big data during London Olympics 2012 [Video]

TFL director of Games transport Mark Evers discusses how the public transport network is preparing for this summer's event

Sign up to our daily or weekly newsletters

Follow @V3_co_uk

Case studies and reports

Colour printing: why the bill keeps outstripping the budget

The wrong printers, for the wrong tasks on the wrong contracts

Magic quadrant for business intelligence platforms

Who leads the BI pack and who should we be watching out for?

Technology jobs

Web Content Editor / Junior Web Designer-Yorkshire

HTML, CSS, Flash - Web Content Editor - Photoshop, Dreamweaver...

Bio Mass Programme Manager/Engineering/Supply Chain

Biomass Programme Manager/Engineering/Supply Chain/Heavy...

Head of Compliance

Head of Compliance My client is currently seeking...

Financial Reporting

THis role is working for a multi national Financial organisation...

White paper library
Latest white papers

Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.

More white papers

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

About us:

Business & technology web sites:

Blogs & community:

Reviews:

Software downloads:

Tools & resources:

Accreditation:

Digital Publisher of the Year 2010

Friend's email address	To send to more than one email address, simply separate each address with a comma.
Your email address
Message