In association with heise online

29 October 2008, 15:16

OpenOffice 2.4.2 fixes critical vulnerabilities

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The OpenOffice development team has announced the release of version 2.4.2, which fixes two critical security vulnerabilities. According to the security advisories, the vulnerabilities are heap overflows when processing EMF and WMF files, which can be exploited using crafted documents to inject and execute malicious code. All versions prior to 2.4.2 are affected. According to the OpenOffice developers, the bugs are not present in version 3.0. OpenOffice 2.4.2 is now available to download from the OpenOffice site.

The update to OpenOffice 2.4, so soon after the release of OpenOffice 3.0 is probably explained by the fact that many users of the suite of productivity applications may be in a controlled environment, such as a government organisation, and are not able to rapidly migrate to the latest release but are prepared to install updates that do not change functionality.

See also


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit