Users have been urged to promptly update to the latest versions to avert risks. Maintainers of each office productivity suite have resolved the issues in OpenOffice version 4.1.11 and LibreOffice versions 7.0.5, 7.0.6, 7.1.1 and 7.1.2. by both OpenOffice and LibreOffice in so-called office server mode) allows. The digital signatures used in document macros are meant to help the user verify that the document hasn’t been altered and. Although the severity of the flaw is classified as moderate, the implications could be dire. Since neither of these two applications offer auto-updating, you should do it manually by downloading the latest version from the respective download centers - LibreOffice, OpenOffice. Of course, if you start using them extensively, you. Earlier this month, LibreOffice released the latest version 6.2.5 of its software that addresses two severe vulnerabilities (CVE-2019-9848 and CVE-2019-9849), but the patch for the former has now been bypassed, security researcher Alex Inführ claims. Unfortunately, the similarities fade away as you look for various features, user interface, file format compatibility, export capabilities, and other characteristics. Threat actors could abuse the flaws - which include a content and macro manipulation with double certificate attack issue, tracked as CVE-2021-41830 and CVE-2021-25633 a timestamp manipulation with signature wrapping bug, tracked as CVE-2021-41831 and CVE-2021-25634 and a content manipulation with certificate validation attack issue, tracked as CVE-2021-41832 and CVE-2021-25635 - to enable alteration of signed ODF documents' timestamps, as well as modification of documents' contents and the signing of documents with untrusted signatures. In combination with systems where SMB signing is disabled, an attacker or. LibreOffice and OpenOffice have pushed updates to address a vulnerability that makes it possible for an attacker to manipulate documents to appear as signed by a trusted source. LibreOffice and OpenOffice have released fixes to tackle an issue that allows hackers to make documents look as if they were signed by a trustworthy source. For OpenOffice, that would be 4.1.10 and later, and for LibreOffice, 7.0.5 or 7.1.1 and later. LibreOffice and OpenOffice are capable enough to open various file formats that include Microsoft’s DOCX, PPT, and more. Researchers at Ruhr-University Bochum's Chair for Network and Data Security discovered and reported various vulnerabilities in Apache OpenOffice and LibreOffice that could be exploited to modify documents to seem they have been digitally signed by a trusted source, according to The Hacker News.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |