Word handling bug shoots down StarOffice
Starstruck
Posted in Enterprise Security, 21st September 2009 11:28 GMT
Free whitepaper – PowerEdge M1000e, M600 and M605 spec sheet
Sun last week pushed out a set of updates designed to fix a flaw in its StarOffice and StarSuite office software packages.
Problems in handling Microsoft Word documents by Sun's open source alternatives created a code injection risk. Users induced into opening malformed documents could wind up with pwned Windows PCs because of the bug, just the sort of thing hackers running targeting attacks might be interested in exploiting.
Users of StarOffice/StarSuite 7, 8, and 9 all need to update their software, and Sun's advisory can be found here.
The bug was discovered by Dyon Balding of Secunia Research.
The flaws addressed by Sun's update relate to recently patched flaws in OpenOffice, involving bugs connected to handling the document table of a Word document and "table parsing", addressed by OpenOffice 3.1.1. ®
Free whitepaper – Out-of-box comparison between Dell, HP, and IBM blade servers

Enabling The Agile Data Center
Analyst Keynote: The Register Agile Data Center Summit
Analyst Keynote: The Register Agile Data Center Summit
Breaching Fort Apache.org - What went wrong?
Snow Leopard security - The good, the bad and the missing
US Dems fill inboxes with 419 scams
BlockMaster SafeStick hardware-encrypted USB drive