On TechRepublic: Windows 7: Slower to boot than Vista?
BNET Business Network:
BNET
TechRepublic
ZDNet
24 TalkBacks

By Richard Thurston
Posted on ZDNet News: Jan 5, 2007 3:23:00 PM

OpenOffice.org has patched a critical vulnerability in the open-source application suite.

The vulnerability concerns the way OpenOffice handles images in the WMF graphics file format. Exploitation of the vulnerability, which affects all but the newest version of OpenOffice, can enable a hacker to perform a buffer overflow and then introduce malicious code to the victim's PC.

Security adviser Secunia rates the vulnerability as "highly critical" and has urged people to patch their systems.

OpenOffice has uploaded the patch to its Web site. People must manually install the file in place of its vulnerable predecessor or upgrade to the latest version of the software, OpenOffice 2.1. Open-source suppliers such as Red Hat have released their own patches.

OpenOffice has become increasingly popular as a free alternative to Microsoft's Office suite. It contains all the standard business applications, including word processing, database and spreadsheet programs.

Although this is the first WMF vulnerability known to exist in OpenOffice, such flaws have been plaguing Windows for some time.

In early 2006, Microsoft acknowledged a critical weakness in the way Windows renders WMF files, leading to the company releasing patches out of cycle. The U.K. parliament was attacked at the time via the vulnerability.

Richard Thurston of ZDNet UK reported from London.

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 24 Talkback(s)
The middle way
What would you guess would be the percentage of OO users that complile their own binaries?

Practically speaking, each distribution has its own binaries. I run Gentoo, so rolling my own ... (Read the rest)
Posted by: Yagotta B. Kidding Posted on: 01/05/07 You are currently: a Guest | | Terms of Use
Is this a re-run?  bportlock | 01/05/07
WTF, WMF, OMG  Boot_Agnostic | 01/05/07
OpenOffice patches 'highly critical' flaw  Loverock Davidson | 01/05/07
And how many strikes are against MS-Office?  John L. Ries | 01/05/07
Hard to say  John Zern | 01/05/07
But after talking to developers  nucrash | 01/05/07
It's a fair cop!  bportlock | 01/05/07
I totally agree  John Zern | 01/05/07
Ratings....  bportlock | 01/05/07
Actually Edsels were good quality Mercurys.  osreinstall | 01/05/07
Talking about MS Office  Loverock Davidson | 01/05/07
Patch was just released  John L. Ries | 01/05/07
No  Loverock Davidson | 01/05/07
Not at all  John L. Ries | 01/05/07
Is that like...  B.O.F.H. | 01/05/07
Are still upset?  Loverock Davidson | 01/05/07
Only thing you put in place was  Linux User 147560 | 01/05/07
A-B Conversation  Loverock Davidson | 01/05/07
I would be D-lighted If you would ...  nucrash | 01/05/07
Thats new  Loverock Davidson | 01/05/07
Right... public forum  Linux User 147560 | 01/05/07
NOT(Monoculture)  Yagotta B. Kidding | 01/05/07
This is a serious question  Badgered | 01/05/07
The middle way  Yagotta B. Kidding | 01/05/07

What do you think?

advertisement
advertisement

White Papers, Webcasts, and Downloads

  • Smart Tech Expert advice on innovations in healthcare and the green technologies that make it happen. Find out more
  • Smart Business Discussion and advice on management issues that revolve around making your world smarter and more useful. More Smart Advice
  • Smart People The best and worst moves in the management and strategy trenches. Learn More