OpenOffice hit by 'highly critical' vulnerability

by admin January 5, 2007 at 12:54 pm has patched a critical vulnerability in the open-source application suite.

The vulnerability concerns the way OpenOffice handles .wmf images. Exploitation of the vulnerability, which affects all but the newest version of OpenOffice, can enable a hacker to perform a buffer overflow and then introduce malicious code to the victim’s PC.

Security advisor Secunia rates the vulnerability as “highly critical”, and it has urged users to patch their systems.

OpenOffice has uploaded the patch to its website. Users must manually install the file in place of its vulnerable predecessor, or upgrade to the latest version of the software, OpenOffice 2.1. Open-source suppliers such as Red Hat have followed suit by releasing their own patches.

Read more: ZDNet UK