![]() LibreOffice settings menu to disable macros To set macro security on LibreOffice, go to Tools → Options → LibreOffice → Security, and click on ‘Macro Security’. If updating to the latest version is not possible for any reason, you can always opt to completely disable the macro features on your office suite, or avoid trusting any documents containing macros.Īlso Read: What Is Data Sovereignty and How Does It Apply To Your Business? If you’re using Linux and the aforementioned versions aren’t available on your distribution’s package manager yet, you are advised to download the “deb”, or “rpm” package from the Download center or build LibreOffice from source. ![]() Since neither of these two applications offer auto-updating, you should do it manually by downloading the latest version from the respective download centers – LibreOffice, OpenOffice. For OpenOffice, that would be 4.1.10 and later, and for LibreOffice, 7.0.5 or 7.1.1 and later. If you’re using either of the open-source office suites, you’re advised to upgrade to the latest available version immediately. The same flaw impacts LibreOffice, which is a fork of OpenOffice spawned from the main project over a decade ago, and for their project is tracked as CVE-2021-25635.Īlso Read: How COVID-19 Contact Tracing in Singapore Applies at Workplace Addressing the risk The discovery of the flaw, which is tracked as CVE-2021-41832 for OpenOffice, was the work of four researchers at the Ruhr University Bochum. “Allowing anyone to sign macro-ridden documents themselves, and make them appear as trustworthy, is an excellent way to trick users into running malicious code. The digital signatures used in document macros are meant to help the user verify that the document hasn’t been altered and can be trusted. LibreOffice and OpenOffice have released fixes to tackle an issue that allows hackers to make documents look as if they were signed by a trustworthy source.Įven though the vulnerability is not placed in the ‘High’ severity category being rated as moderate, the consequences could be disastrous.LibreOffice and OpenOffice have pushed updates to address a vulnerability that makes it possible for an attacker to manipulate documents to appear as signed by a trusted source.Īlthough the severity of the flaw is classified as moderate, the implications could be dire. The digital signatures used in document macros are intended to assist the user in determining whether or not a document has been modified and can be trustworthy.Īllowing anyone to sign macro-ridden documents themselves, and make them appear as trustworthy, is an excellent way to trick users into running malicious code. Ruhr University Bochum’s cybersecurity researchers were the first to notice this vulnerability in OpenOffice, which has been tracked as CVE-2021-41832. The same issue affects LibreOffice, a project fork of OpenOffice that originated from the main project over ten years ago and is recorded as CVE-2021-25635 for their project. For LibreOffice – 7.0.5 or 7.1.1 and later.Those using at least one of the open-source office suites are recommended to update to the most recent version as quickly as possible. ![]() Users will have to do the updates manually by downloading the newest version from the LibreOffice, OpenOffice download centers, as neither LibreOffice nor OpenOffice apps provide auto-updating. Those using Linux who don’t have the versions mentioned above available on their distribution’s package manager yet are urged to download the “deb”, or “rpm” package from the Download center or build LibreOffice from source. Those who can’t update to the newest version can always disable the macro features in their office suite or avoid trusting any documents that contain macros.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |