-
-
Advertise on Bladewatch
You can easily reach influential IT professionals including decision makers. Talk to us about your products and services and we will do our best to make sure our viewers and readers find you.
-
subscribe to RSS
Get email updates every time we post!
Time to patch your OpenOffice installations
http://news.zdnet.co.uk/security/0,1000000189,39289620,00.htm
Security experts have discovered TIFF-based buffer overflow vulnerabilities in OpenOffice.org that could allow attackers to remotely execute code on Linux, Windows or Apple Mac-based computers.
OpenOffice version 2.0.4 and prior are vulnerable to maliciously crafted TIFF files, which can be delivered in an email attachment, published on a website or shared using P2P software. The next version of OpenOffice (version 2.3) arrived on 17 September and is not affected by the flaw.
The vulnerability was discovered by researchers at iDefense, who claim that the OpenOffice TIFF parsing code is flawed.
Patching your applications is just as important as patching the operating system and just because an application/operating system is open source should not be used as a way of limiting your liability/patching due diligence.
Related posts:
- Applying security patches remains core Computer Weekly Microsoft has confirmed that it is investigating reports...
- Patch Downloader v6.0 announced PRNewswire Patch Downloader v6.0 Eases the Pain of Downloading Patches...
- Microsoft Patches for September http://www.microsoft.com/technet/security/bulletin/ms09-sep.mspx This bulletin summary lists security bulletins released for September...
Related posts brought to you by Yet Another Related Posts Plugin.
Leave a Reply
Recent Posts
Twitter Updates
- Talk to me about the benefits and importantly how it will work with my existing processes and infrastructure.
- The next confrontation in the virtual and the physical world is what features are included at that price point and not what isn't.
- As we add more layers to the IT infrastructure do we need more ITIL layers? How do we cope with an always on world development is like prod
- Is swapping a disk, adding a volume to an ESX host with development virtual machines a change?
- When we do integrated array controllers can they not be a daughter card, it's annoying having to swap a system board for controller failure
Categories
Recent Comments
- Cialis on Who will be the server world's Apple?
- Roger on How to reboot the HP ILO/kick off a hung session
- Martin on Tolly Group benchmark BladeSystem C7000 and Cisco UCS 5100
- Jose R on Tolly Group benchmark BladeSystem C7000 and Cisco UCS 5100
- Kevin Houston on HP Blades Day Analysis
- Pugalenthi on What's the equivalent of ILO in an IBM server?
- ST2 on Bladewatch drinks 14th October
- Adipex_Phentermine_Pill on How to reboot the HP ILO/kick off a hung session
- Adipex_Phentermine_Pill on IBM and Syracuse University data center
- console xbox 360 on Sun/Oracle continue the innovation
