OpenOffice Zero-Day Code Execution Flaw Gets Free Micropatch


A micropatch is now available for a zero-day OpenOffice code execution vulnerability which can be triggered via automated macro execution following a mouseover event when viewing a maliciously crafted ODT document.

Using an exploit for this zero-day vulnerability, potential attackers can issue a directory traversal attack against users of all versions of OpenOffice and all LibreOffice releases up to and including 6.0.6/6.1.2.1.

However, the OpenOffice 0day, which is currently tracked as CVE-2018-16858 and received a CVSS3 Base Score of 7.8 from Red Hat, has been fixed by The Document Foundation in the LibreOffice 6.0.7/6.1.3 release after receiving a report from security researcher Alex Inführ, who discovered the issue.

Patches only the Windows version

The researcher also created and published a Proof-of-Concept for CVE-2018-16858 in the form of a FODT extension, which he also uploaded to the VirusTotal malware scanning service.

According to Inführ, the OpenOffice zero-day vulnerability impacts LibreOffice because of “a feature where documents can specify that pre-installed macros can be executed on various document events such as mouse-over”, as detailed in the “Directory traversal flaw in script execution” advisory published by The Document Foundation on February 1.
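A defender-side check for the feature described above, added here as an example that is not code from the article, 0patch or The Document Foundation: it lists event listeners in an ODT or FODT file that bind a document event to a `vnd.sun.star.script:` URI and flags any whose script path contains `..` segments. The sample document and its placeholder path are constructed, and the function names are hypothetical; element and attribute names follow the OpenDocument format.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import unquote

SCRIPT_NS = "urn:oasis:names:tc:opendocument:xmlns:script:1.0"
XLINK_NS = "http://www.w3.org/1999/xlink"

# Constructed sample (flat ODF); the script path is a harmless placeholder.
SAMPLE_FODT = b"""<office:document
  xmlns:office="urn:oasis:names:tc:opendocument:xmlns:office:1.0"
  xmlns:script="urn:oasis:names:tc:opendocument:xmlns:script:1.0"
  xmlns:xlink="http://www.w3.org/1999/xlink"><office:event-listeners>
 <script:event-listener script:event-name="dom:mouseover" xlink:href=
  "vnd.sun.star.script:..%2F../PLACEHOLDER/mod.py$func?language=Python&amp;location=share"/>
</office:event-listeners></office:document>"""

def xml_parts(data):
    """Yield XML payloads: content.xml/styles.xml of a zipped ODT, or a flat FODT as-is."""
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            for name in ("content.xml", "styles.xml"):
                if name in z.namelist():
                    yield z.read(name)
    else:
        yield data

def find_script_listeners(data):
    """Return [(event, href, traversal_flag)] for event listeners bound to script URIs."""
    findings = []
    for part in xml_parts(data):
        # For untrusted input, a hardened parser such as defusedxml is preferable.
        for el in ET.fromstring(part).iter(f"{{{SCRIPT_NS}}}event-listener"):
            href = el.get(f"{{{XLINK_NS}}}href", "")
            decoded = unquote(unquote(href))  # undo single and double percent-encoding
            if not decoded.lower().startswith("vnd.sun.star.script:"):
                continue
            path = decoded.split(":", 1)[1].split("?", 1)[0].replace("\\", "/")
            event = el.get(f"{{{SCRIPT_NS}}}event-name", "")
            findings.append((event, href, ".." in path.split("/")))
    return findings

if __name__ == "__main__":
    for event, href, traversal in find_script_listeners(SAMPLE_FODT):
        print(f"{'TRAVERSAL' if traversal else 'script'}: on {event} -> {href}")
```

A listener without the traversal flag is still worth reviewing in documents from untrusted senders, since it means a script runs on a document event.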

While this OpenOffice software flaw impacts both Linux and Windows versions of the program, the micropatch developed by ACROS Security, the company behind the 0patch platform, can only be used to patch the Windows OpenOffice release.

As usual, applying 0patch’s micropatch will not require users to restart the system or relaunch OpenOffice, with the effect being immediate because it is an in-memory fix for running processes.

The micropatch created and distributed by 0patch can be downloaded and applied after creating an account on 0patch.com, downloading the 0patch Agent and registering the agent on the device.

0patch also provides a video demo of the OpenOffice 0day micropatch in action.

 
