Got OpenOffice 2.3 or prior versions? Be prepared to download a security patch.
The OpenOffice.org community has issued a patch for a "highly critical" security vulnerability in OpenOffice 2.3 and prior versions, according to a security advisory issued by Secunia on Wednesday.
A security flaw in a third party default database engine module, HSQLDB, shipped with OpenOffice 2.3 and prior versions, could allow malicious attackers to launch arbitrary code. The vulnerabilities could be exploited by manipulating the database documents processing, according to a security advisory issued by OpenOffice.org
OpenOffice 2.3 was released last September, shortly before security researchers reported vulnerabilities in OpenOffice 2.0.4 and earlier versions. The security flaws could allow attackers to gain control of users' systems via maliciously crafted TIFF files.
The OpenOffice productivity suite is gaining in popularity with its OpenDocument file format as an alternative to Microsoft Office.