English:

The Free and Open Productivity Suite
New: Apache OpenOffice 4.1.1 released!

Apache OpenOffice Security Team FAQ

Is OpenOffice secure?

The OpenOffice engineers take the security of the software very seriously. We take great care to ensure that our software is secure, and we will react promptly to any reports of suspected security vulnerabilities in our software.

up arrow Return to top

How do I know my copy of OpenOffice is genuine?

Make sure you know where your copy of OpenOffice has come from. Download from one of the sites listed in our download page, or purchase from one of our CD distributors. Use a checksum to make sure your copy has not been corrupted before you install it.

up arrow Return to top

How do I protect my copy of OpenOffice against security issues?

We recommend all users install new versions of OpenOffice as soon as practical after they are released. Since version 2.1, OpenOffice has included a feature which will tell you if a new version is available. We recommend you switch this on (Tools -> Options -> Online Update -> Check for updates automatically).

up arrow Return to top

"The publisher of this software cannot be verified" - what should I do?

When installing OpenOffice under Microsoft Windows, you may see a warning message stating that the publisher of the software could not be verified. It is safe to ignore this message if you are confident that your copy of OpenOffice came from a reputable source. If you have any doubts about this, you can check that the file has not been tampered with by using MD5 checksums.

up arrow Return to top

How do I stop viruses attacking my copy of OpenOffice?

If your computer becomes infected with a virus, it is possible that any program you have installed – including OpenOffice - may become corrupted. Your computer cannot catch a virus from fresh air. It can become infected if someone gives you any kind of media – floppy disk, CD, DVD, memory stick, memory card etc. – anything capable of holding data can also hold a virus. It can become infected if it is connected to any kind of network, including wireless. Connections to publicly accessible networks like the internet are particularly risky.

There is a whole range of things you can do to protect your computer – firewalls, anti-virus software, etc – please contact your PC supplier or IT department for details. If you suspect your PC has been infected, please seek specialist support.

up arrow Return to top

How do I protect against macro-viruses in OpenOffice?

Macros are a useful part of any office suite, allowing you to automate repetitive tasks. A macro can do anything you can do - including potentially destructive actions such as modifying and deleting files. A macro can attached to any OpenOffice file (document, spreadsheet, etc.).

Whenever OpenOffice detects macros in a document being opened, by default it displays a warning and will only run the macro if the you specifically agree.

The safest rule is you should never open any OpenOffice file unless you are sure where it has come from and trust the sender. Note that it is very easy to falsify an email address - if you have any doubt, do not open the document until you have proved its identity. If you need to exchange documents regularly, we recommend the use of digital signatures to certify the origin of the document.

up arrow Return to top

I am a developer - how do I report a security vulnerability in OpenOffice?

Please report any suspected vulnerabilities to our Security Team. We appreciate early confidential disclosure to give vendors of products and solutions based on OpenOffice time to react. We will coordinate the disclosure of your report with you.

In your report, please include the following information:

After we receive your report, we will work on the evaluation and we will reply to you (typically in the next business day).

up arrow Return to top

Where can I find a list of all the security vulnerabilities fixed in OpenOffice?

These are listed in our Security Bulletin.

up arrow Return to top

How can I get email alerts about security vulnerabilities fixed in OpenOffice?

Please read our Security Alerts page.

up arrow Return to top


Security Home -> Security FAQ

Logo ApacheCon Europe 2014

Apache Feather

Copyright & License | Privacy | Website Feedback | Contact Us | Donate | Thanks

Apache, the Apache feather logo, and OpenOffice are trademarks of The Apache Software Foundation. OpenOffice.org and the seagull logo are registered trademarks of The Apache Software Foundation. Other names appearing on the site may be trademarks of their respective owners.