BadBunny? Only if you invite it in
Posted Jun 14, 2007 7:33 UTC (Thu) by nim-nim
Parent article: BadBunny? Only if you invite it in
OOo has chosen to implement core functions (dictionary download...) through macro-ified documents. So most OpenOffice users will be used to the macro warning popup and click through it without a thought. (Generally speaking this kind of warning is pretty useless and only there so you can tell the press it's the user's fault they were infected. Kind of like securing an area by sticking a "secure zone" sign on an unlocked door.)
Sun management is pretty much in denial about the whole issue, but the truth is that with regard to macro security OO.o is on par with, if not lagging behind, Microsoft Office.
A secure internet-era office suite should thoroughly limit the scope of macros, make sure no default function depends on them, and use digital signature checks to vet macro-ified documents (esp. the ones distributed with the suite).
"BadBunny" is not spreading because its malicious payload was badly coded, and because OO.o is badly integrated in the OS and not that used, not through any particular virtue of OpenOffice security.