If your’e using LibreOffice, be extra careful about the document files you open using this software in the next few days. This is because it contains a critical, unpatched code execution flaw that could inject your system with malware as soon as you open an infected document.
LibreOffice happens to be a popular and open source alternative to Microsoft Office suite and is available for Windows, Linux and macOS systems.
Earlier this month, LibreOffice released the latest version 6.2.5 of its software that addresses two severe vulnerabilities (CVE-2019-9848 and CVE-2019-9849), but the patch for the former has now been bypassed, security researchers have said.
Researchers have notified the LibreOffice team of the bypass issue, but until the team releases a patch to fix the bypass, users are recommended to update or reinstall the software without macros or at least without LibreLogo component, by following the below-mentioned steps.
Open the setup to start the installation
- Select “Custom” installation
- Expand “Optional Components”
- Click on “LibreLogo” and select “This Feature Will Not Be Available”
- Click Next and then Install the software.