In order to set macro security on LibreOffice, go to Tools → Options → LibreOffice → Security, and click on ‘Macro Security’.Īs we can see in the picture below, in the new window, the users can choose from four different levels of protection, with High or Very High being the suggested options.Īs recommended by BleepingComputer, users having an outdated and vulnerable version of the app shouldn’t count on the “trusted list” feature because a compromised document could still seem to come from a reputable source if the signature algorithm is incorrect. Those who can’t update to the newest version can always disable the macro features in their office suite or avoid trusting any documents that contain macros. Those using Linux who don’t have the versions mentioned above available on their distribution’s package manager yet are urged to download the “deb”, or “rpm” package from the Download center or build LibreOffice from source. Users will have to do the updates manually by downloading the newest version from the LibreOffice, OpenOffice download centers, as neither LibreOffice nor OpenOffice apps provide auto-updating. For LibreOffice – 7.0.5 or 7.1.1 and later.Those using at least one of the open-source office suites are recommended to update to the most recent version as quickly as possible. The same issue affects LibreOffice, a project fork of OpenOffice that originated from the main project over ten years ago and is recorded as CVE-2021-25635 for their project. Ruhr University Bochum’s cybersecurity researchers were the first to notice this vulnerability in OpenOffice, which has been tracked as CVE-2021-41832. Pick up a book on programming and dive in. Not only are you free to use it or not use it, you are even free to work to improve it. You can go on using MS Office forever and no one who programs LibreOffice will lose any fraction of a cent because of it. Although the severity of the flaw is classified as moderate, the implications could be dire. No one is getting paid because you use LibreOffice. 5 comments 99 Upvoted Log in or sign up to leave a comment Log In Sign Up Sort by: best View discussions in 1 other community level 1 GenInsurrection 3m So there's no way to disable macros altogether Seems like you used to be able to do that. The digital signatures used in document macros are intended to assist the user in determining whether or not a document has been modified and can be trustworthy.Īllowing anyone to sign macro-ridden documents themselves, and make them appear as trustworthy, is an excellent way to trick users into running malicious code. LibreOffice and OpenOffice have pushed updates to address a vulnerability that makes it possible for an attacker to manipulate documents to appear as signed by a trusted source. LibreOffice, OpenOffice bug allows hackers to spoof signed docs /news/s. LibreOffice and OpenOffice have released fixes to tackle an issue that allows hackers to make documents look as if they were signed by a trustworthy source.Įven though the vulnerability is not placed in the ‘High’ severity category being rated as moderate, the consequences could be disastrous.
0 Comments
Leave a Reply. |