OpenOffice.org has released a security update to its alternative office productivity suite following the discovery of three potentially serious security vulnerabilities during an internal audit.

Both 1.1.x and the newer 2.0.x releases of the software are affected. Users are advised to update to version 2.0.3 or to wait for an upcoming patch to version 1.1.5 of the code.

A security bulleting from OpenOffice.org can be found here.

StarOffice, the commercial office productivity software based on the code used in OpenOffice, is affected by the equivalent three security bugs. Patches to StarOffice/StarSuite 8.x and 7.x (and StarOffice 6.x) are available to address the problem.

A notice from security notification firm Secunia provides a summary of the issue along with links to the relevant advisories. ®

Related stories

• OpenOffice update completes bumper patch crop (11 June 2008)
• Google and Sun tag team MS Office (15 August 2007)
• Mankind saved from OpenOffice bugs (8 January 2007)
• OpenOffice hits back at viral risk claims (15 August 2006)
• French MoD questions OpenOffice security (20 July 2006)
• Belgium adopts open office doc format (27 June 2006)
• First StarOffice malware sighted (1 June 2006)
• Google takes on MS Office with Writely buy (10 March 2006)
• CES OpenOffice supports U3 'portable Home folder' Flash drives (5 January 2006)
• OpenOffice challenges Microsoft on XML standards (20 October 2005)