OpenOffice worm harbors malware, spyware
updated 10:35 am EDT, Mon June 11, 2007
OpenOffice worm surfaces
Symantec has issued a security warning for a new worm afflicting OpenOffice installations on Mac OS X, Linux, and Microsoft Windows systems. The worm, which Symantec rates as a medium risk, is distributed within malicious OpenOffice documents to spread malware as well as spyware. Symantec recommends all OpenOffice users only transfer files from well known sources, and suggests scanning all files with an internet security application before transferring them to a computer. The company also advises users to block all unsolicited outbound communication using a utility such as Norton Internet Security, which prevents malware and spyware from secretly transferring information to unknown sources over the internet.










Lucky!
06/11, 10:42am reply
Its a good thing Symantec has a product like Norton Internet Security to reference in the security notices!
testudo
Fresh-Faced Recruit
Joined: Aug 2001
2 free programs: do they
06/11, 11:06am reply
I found some converted open source stuff but I don't know if thy will catch this thing
zebra scanner 2.02 http://home.wanadoo.nl/denheyer/webpaginas/ZebraDocumentation.html This does not remove anything but can tell you if anything is hinkey. It looks similar to such windows products as Icesword. On the bright side these kinds of programs are very powerful if you know how to use them because they are independant of updates and are capable of cathhing zero day stuff. but again no removal and little automation.
ClamXav http://www.clamxav.com/ is an open source antivirus program. As the OOo worm affects linux as well I think it likely that it will catch it on macs as well. It would be nice to know for sure though
bombastinator
Fresh-Faced Recruit
Joined: Jun 2007
does this hit neooffice?
06/11, 11:08am reply
or just the x11 openoffice?
jpellino
Fresh-Faced Recruit
Joined: Oct 1999
P2P?
06/11, 11:35am reply
Is this not an example of the idiocy of using P2P more than a specific example of Open Office vulernabilities?
gskibum3
Fresh-Faced Recruit
Joined: Nov 2006
project manager
06/11, 11:41am reply
C'mon open source gurus. You're supposed to have saved the world from this kind of stuff by now!
SubPop
Fresh-Faced Recruit
Joined: Jan 2006
I'd like...
06/11, 11:43am reply
...to see the technicals on this thing. Is this security warning implying that this spyware and malware *runs* on OSX (or linux for that matter)? To bundle installers and applications for three different OSeseses in one document would be quite a feat.
Symantec has nothing on their site regarding the technical details.
Rance
Fresh-Faced Recruit
Joined: Apr 2002
Symantec
06/11, 11:47am reply
isn't this the software when installed creates a bigger security hole in OSX?
suhail
Senior User
Joined: Nov 1999
this was always possible
06/11, 12:00pm reply
Unfortunately Open Office documents can have macros like MS Office documents and so this was always a possibility. Lucky for me I use an HTML editor for short documents, LaTeX for long documents and Pages for desktop publishing, so I can get rid of Open Office.org. I wish I could find a Linux distribution without OpenOffice.org. As far as NeoOffice is concerned and this also applies to OpenOffice.org on Suse Linux, not only are they vulnerable to this kind of exploit, they are also vulnerable to MS Office macro viruses as well as they include partial VBA compatibility.
bhuot
Fresh-Faced Recruit
Joined: Nov 2003
Re: project manager
06/11, 01:35pm reply
The problem is, most likely, people are trying so hard to make this a perfect 'office killer' that little things like security concerns tend to concern them not.
Also, the problem with macros is that people want them powerful, then complain when that power can be used in bad ways.
testudo
Fresh-Faced Recruit
Joined: Aug 2001
re: project manager
06/11, 05:00pm reply
So, in other words, it's the same diet as most other open source projects - all the calories, with none of the flavor.
SubPop
Fresh-Faced Recruit
Joined: Jan 2006