[virusinfo] OpenOffice security patch
- From: "Mike" <mikebike@xxxxxxxxx>
- To: virusinfo@xxxxxxxxxxxxx
- Date: Thu, 14 Apr 2005 21:53:00 -0700
A security vulnerability affecting OpenOffice.org 1.1.4 and earlier, as
well as 2.0beta, including the developer builds, was recently detected.
It has been fixed and a patch is available for immediate download for
all users of OpenOffice.org 1.1.4.
Users of earlier releases (1.1.3 and prior) must upgrade.
Users of 2.0beta are requested to download the latest beta,
OpenOffice.org 1.9.95. It will include the patch and be ready shortly.
Operating systems affected: All, including Linux, Solaris, Windows, Mac
OS X (X11) (NeoOffice/J users of the latest release are not affected.)
For other platforms, go to the Porting homepage for more information.
* Porting Project: <http://porting.openoffice.org/>
The patch can be found here:
<http://download.openoffice.org/1.1.4/security_patch.html>
installation is easy and instructions are on the page listed above.
We are requesting that all CD distributors and partners of
OpenOffice.org include the security patch. If you are not sure your
copy of OpenOffice.org 1.1.4 is secure, download the patch and be sure.
How serious is the problem? The problem resides in how OpenOffice.org
handles Microsoft Office .doc files. A malicious user could send such a
file asan attachment to you containing code that would allow them to
execute arbitrary commands on your computer should you open that
document in OpenOffice.org.
See the security advisory for more information:
<http://www.securityfocus.com/archive/1/395516>
Be safe by always making sure that you only open attachments from
trusted persons.
Regards
The OpenOffice.org Team
Other related posts:
- » [virusinfo] OpenOffice security patch