Users of the popular alternative office suites, OpenOffice and StarOffice, need to upgrade following the discovery of a trio of potentially serious security bugs.

The security bugs stem from flaws in the image processing components of the packages involved in handling common graphic formats, WMF and EMF, as explained here. As a result users who open malformed documents using vulnerable versions of the software are liable to become infected. These heap-based buffer overflow flaws were discovered by security researcher John Heasman of NGSSoftware, the UK-based security software tools developer.

OpenOffice users are advised to upgrade to versions 2.1.0 respectively to guard against possible exploit. Users of StarOffice version 6,7 and 8 need to apply relevant patches from the SunSolve website as explained here. ®

Related stories

• Google and Sun tag team MS Office (15 August 2007)
• Russians crack OpenOffice security (20 April 2007)
• Bug brokers offering higher bounties (25 January 2007)
• Mac OS X-friendly OpenOffice to go public next month (30 August 2006)
• OpenOffice hits back at viral risk claims (15 August 2006)
• OpenOffice update fixes security bug trio (3 July 2006)
• First StarOffice malware sighted (1 June 2006)
• Google takes on MS Office with Writely buy (10 March 2006)