Announcement

Collapse
No announcement yet.

Apache OpenOffice Vulnerable To One-Click Code Execution

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Apache OpenOffice Vulnerable To One-Click Code Execution

    Phoronix: Apache OpenOffice Vulnerable To One-Click Code Execution

    If you are still relying on Apache OpenOffice in 2021 you might want to really make it a goal this year to transition to the much more featureful LibreOffice, but in any case you'll want to move at least to OpenOffice 4.1.10...

    https://www.phoronix.com/scan.php?pa...-Vulnerability

  • #2
    Uninstall that trash and install LibreOffice.

    Comment


    • #3
      Uninstall that CLA trash and install truly Free LibreOffice.

      Comment


      • #4
        Who still runs OpenOffice seemingly deserves that.

        Comment


        • #5
          I wonder who these 2.4 Million people (bots?) are that download AOO. AOO is quite dead. For a long time. They should really transfer naming rights to the TDF/LibO. And redirect to the website. There's no use in wasting engineering power and people still downloading an inferior product that is not really actively developed.
          Sometimes multiple solutions are good to have an alternative, but those come from the same origin. Just one branch is totally withered now.
          Stop TCPA, stupid software patents and corrupt politicians!

          Comment


          • #6
            Wait, the so-called "vulnerability" was that no warning dialog is displayed when clicking a link?
            I hope there is more to this than what this article and the blog post state.

            Comment


            • #7
              Interesting that Phoronix will report on the OOo one-click exploit, but won't say a thing about the fact that researchers have found examples of systemd-daemon containing RotaJakiro backdoor malware over a period of several years.

              One is a piece of software that almost no one has used in the past decade, the other is ubiquitous.

              Comment


              • #8
                Originally posted by andyprough View Post
                Interesting that Phoronix will report on the OOo one-click exploit, but won't say a thing about the fact that researchers have found examples of systemd-daemon containing RotaJakiro backdoor malware over a period of several years.

                One is a piece of software that almost no one has used in the past decade, the other is ubiquitous.
                lol you mean someone made a malware and called it systemd-something, therefore it's a problem with systemd?

                I'm going to create a profile called andyprough-factual, and spread (more) conspiracies in your name, it will be your fault, right?

                Comment


                • #9
                  Originally posted by andyprough View Post
                  Interesting that Phoronix will report on the OOo one-click exploit, but won't say a thing about the fact that researchers have found examples of systemd-daemon containing RotaJakiro backdoor malware over a period of several years.

                  One is a piece of software that almost no one has used in the past decade, the other is ubiquitous.
                  Not even is a systemd deamon, the binary was just named "systemd-deamon" to be less likely to be detected by layer 8 error containing system admins. Non of that code was ever in systemd, so no, your malware with the funny name is not part of this ubiquitous software.

                  "The association with systemd, a widely used system and session manager for Linux, may have been chosen by the malware authors to make the malicious code less likely to be noticed by administrators reviewing logs and process lists.""

                  Edit: it seems the anti-systemd movement as a whole drifts down into conspiracy land. I just yesterday learned that there are people who claim journald's binary log format is malware and that there is a NTP server included in the default setup is "calling home". Its not even funny anymore, its just sad.
                  Last edited by Alexmitter; 04 May 2021, 10:44 AM.

                  Comment


                  • #10
                    2.4 million downloads
                    it must be our priority to educate all persons

                    Comment

                    Working...
                    X