14 DAY TRIAL // OpenOffice has always been a pretty popular application, especially thanks to the fact that it offers a freeware alternative to Microsoft Office, the suite of tools dubbed the most powerful solution in its category. Because of the freeware license but of numerous other advanced features, Microsoft Office quickly gained a large audience, millions of users downloading and installing it on Windows, Linux and Mac systems. However, according to recent reports, these users have to patch their OpenOffice installation in order to remain on the safe side, due to multiple heap based buffer overflow vulnerabilities spotted in the application.
According to SecurityFocus, a successful exploitation could be started through a malicious ODF, Quattro Pro, EMF or OLE file, opened on a vulnerable system. Although the mentioned vulnerabilities affect most OpenOffice versions, you're advised to update to the latest release and keep an eye on the news to find out exactly when a new patch is available.
"OpenOffice is prone to multiple remote heap-based buffer-overflow vulnerabilities because of errors in processing certain files. Remote attackers can exploit these issues by enticing victims into opening maliciously crafted ODF, Quattro Pro, EMF, or OLE files. Successful exploits may allow attackers to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial of service," SecurityFocus mentioned in the notification published today.
At this time, there's no official confirmation of a successful exploit but users should apply the updates as soon as possible in order to avoid potential attacks. This is quite a general security measure, so if you think that you may have unpatched software on your computer, hurry up and update it.
In case you want to download the latest version of OpenOffice, the one which is dubbed to the most secure, you can find it right here on Softpedia.