Click to Hack? New LibreOffice Vulnerability Allows Threat Actors to Execute Malware With One Click – Source: heimdalsecurity.com

Users Are Advised to Patch the Vulnerability Immediately!

Last updated on May 17, 2024

Click and execute! A new vulnerability in the open-source LibreOffice is being exploited by threat actors. As per reports, attackers can run malicious code on victims by deceiving them into opening and clicking on a maliciously crafted document.

The LibreOffice developers warn users in a security advisory that the office software supports linking scripts to click events on graphics.

For affected versions of LibreOffice, there are scenarios in which embedded scripts are executed without warning when users click on a document with such on-click handlers.

LibreOffice Security Advisory (Source)

What to Know About the Vulnerability

Registered as CVE-2024-3044, the vulnerability scored 8.8 on the CVSS scale, just short of critical, indicating a ‘high risk’ of exploitation potential.

Such scripts were classified as being trustworthy in the early versions of LibreOffice, but that is no longer the case. The bug has already received a fix. The fix ensures that the rights granted by users to execute macros assigned when loading a page are now also applied to on-click handlers.

LibreOffice developers recommend patching the software to the newest version. Version 23.2.3 and 7.6.7 of the software are available for download on the project’s download page.

For Linux users it is recommended to start their software management and check whether the bug-fixed versions have already been installed.

About a year ago, the Ghostscript package created a security vulnerability in various software installations, including LibreOffice, which has the tool integrated. This vulnerability could be exploited by opening manipulated documents.

If you liked this piece, check out the Heimdal Blog for more! Follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.