LibreOffice users ought to update their software: a security hole has been discovered in the code used to import Microsoft Word documents into the open-source productivity suite. The latest version of the software contains a fix for the problem.
A memory corruption-related vulnerability in the import code creates a possible mechanism for virus writers to inject hostile code into vulnerable systems, developers at The Document Foundation warn. The bug was discovered by RedHat security researcher Huzaifa Sidhpurwala and fixed with version 3.4.3 of the package.
LibreOffice 3.4.3 also addresses lesser security problems involving loading Windows Metafile (.wmf) and Windows Enhanced Metafile (.emf) images into documents.
An advisory from LibreOffice on the vulnerability can be found here. ®
Similar topics
Broader topics
Narrower topics
- Authentication
- Black Hat
- Common Vulnerability Scoring System
- Cybercrime
- Cybersecurity
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- DDoS
- Digital certificate
- Encryption
- Exploit
- Firewall
- Hacker
- Hacking
- Identity Theft
- Infosec
- Kenna Security
- NCSC
- Palo Alto Networks
- Password
- Phishing
- Ransomware
- REvil
- Spamming
- Spyware
- Surveillance
- TLS
- Trojan
- Trusted Platform Module
- Wannacry
- Y2K
- Zero Day Initiative
- Zero trust