CNET también está disponible en español.

Ir a español

Don't show this again

Culture

OpenOffice.org releases security patch

A "highly critical" security update addresses vulnerabilities in a default database engine module shipped with version 2.3 and earlier versions.

Got OpenOffice 2.3 or prior versions? Be prepared to download a security patch.

The OpenOffice.org community has issued a patch for a "highly critical" security vulnerability in OpenOffice 2.3 and prior versions, according to a security advisory issued by Secunia on Wednesday.

A security flaw in a third party default database engine module, HSQLDB, shipped with OpenOffice 2.3 and prior versions, could allow malicious attackers to launch arbitrary code. The vulnerabilities could be exploited by manipulating the database documents processing, according to a security advisory issued by OpenOffice.org

OpenOffice.org is asking users to download OpenOffice version 2.3.1. (Download OpenOffice.org 2.3.1 for Windows from CNET Download.com.)

OpenOffice 2.3 was released last September, shortly before security researchers reported vulnerabilities in OpenOffice 2.0.4 and earlier versions. The security flaws could allow attackers to gain control of users' systems via maliciously crafted TIFF files.

The OpenOffice productivity suite is gaining in popularity with its OpenDocument file format as an alternative to Microsoft Office.