PowerPoint files infiltrate malicious code into KOffice
Following the release of version 1.6, the developers of KOffice had intended to concentrate on developing version 2.0. However, as well as a number of bugs, a critical security vulnerability has forced them to release a bug fix release 1.6.1. This fixes a buffer overflow error in the KPresenter presentation program, which can be provoked by manipulated PowerPoint files in the import filter. An attacker could crash the application using prepared files. It is probably also possible to place code on the stack and execute it with the user's privileges.
It would be possible to receive such a file as an e-mail attachment or by download. There have already been similar attacks on Windows users, in which malicious PPT files have infected a computer with malware via vulnerable PowerPoint installations. The bug in KPresenter is therefore, in the developers' opinion, reason enough to install the new version of KOffice. The other 100 or so non-security related bug fixes and improvements are more of a bonus. Linux distributors are already releasing updated KOffice packages.
As well as the security fixes and bug fixes, KOffice developers have also added minor new features to the image editing program Krita (colour levels filter) and the database program Kexi (parameter queries, lookup columns).
- KOffice 1.6.1 Changelog, bug descriptions for KOffice