Time to patch your OpenOffice installations

http://news.zdnet.co.uk/security/0,1000000189,39289620,00.htm

Security experts have discovered TIFF-based buffer overflow vulnerabilities in OpenOffice.org that could allow attackers to remotely execute code on Linux, Windows or Apple Mac-based computers.

OpenOffice version 2.0.4 and prior are vulnerable to maliciously crafted TIFF files, which can be delivered in an email attachment, published on a website or shared using P2P software. The next version of OpenOffice (version 2.3) arrived on 17 September and is not affected by the flaw.

The vulnerability was discovered by researchers at iDefense, who claim that the OpenOffice TIFF parsing code is flawed.

Patching your applications is just as important as patching the operating system, and the fact that an application or operating system is open source should not be used as a way of limiting your liability or your patching due diligence.
