Latest Version of OpenOffice Patches Various Vulnerabilities
"OpenOffice 3.2", a latest version of OpenOffice, has been issued. Various flaws have been fixed in this new version because of which a computer could be remotely compromised by an attacker.
In total seven vulnerabilities have been fixed, and three of them could be used to infuse and execute malicious code, as said by security experts.
Moreover, in one of these instances, a spiteful XPM file, which is a kind of ODF (OpenDocument Format)-supported image format, could be deceitfully developed and permit the remote user to run malicious code on the system with the similar privileges the local user holds.
In addition, another similar flaw related to the GIF image format has also been patched. Experts notified that with the help of the third vulnerability, an attacker could get an access of a remote system by tricking a user into opening a maliciously created Microsoft Word document.
Another security problem is associated with the MSVC (Microsoft Visual C++) runtime library integrated in the OpenOffice version of the Windows. This flaw can be exploited to evade various security limitations, including kill bits for ActiveX controls. To add to, the new updated version also fixes two bugs in the similar manner the cryptographic hashes are dealt with. These bugs could be used to fake the digital signatures.
According to experts, all the bugs except the vulnerability in MSVC are also there in OpenOffice 2.4.x. Besides, versions for Mac OS X, Windows and Linux are all affected.
Security experts commented that the cyber goons increasingly look out for such vulnerabilities, as the gullible users can be easily targeted by e-mails, and different social engineering techniques can be used to induce them to open a malicious document. Therefore, the developers strongly recommend all the users to upgrade to this latest 3.2 release.
In the mean time, it is worth noted that recently Adobe has also issued vulnerability patches which include two critical vulnerabilities, one of which allow hackers to attack with malware. Moreover, Microsoft also issued security patches including five critical rated patches.
It is noteworthy that just recently Adobe has also released vulnerability patches which comprise two critical vulnerabilities. One of these vulnerabilities permits hackers to launch malware assault. Moreover, security patches were also issued by Microsoft, including five critical rated patches.
Related article: Latest Scam - Emails Threatening Death to Recipients
» SPAMfighter News - 26-02-2010