Download the latest LibreOffice update now to protect against macro viruses

(Image credit: Shutterstock)

The Document Foundation has released a major security update for free office software LibreOffice, which helps protect against macro viruses. If you're running a version of LibreOffice older than 6.2.5, you should upgrade to the latest version now.

Macro viruses are commonly spread in office documents, and begin a series of actions when the document is opened. As The Register reports, unpatched versions of LibreOffice, three vulnerabilities meant is was possible for certain macros to run silently when you opened a document without giving you the opportunity to stop anything suspicious.

The vulnerabilities involved a feature called LibreLogo, which is designed for teaching programming. By typing commands using the simple Logo programming language, you can control a 'turtle' graphic and move it around the document. It's a fun introduction to coding, but led to a chain of problems.

The first issue was that the Logo commands were converted to the Python language without proper safety checks to make sure nothing malicious got through. The second was that all of LibreOffice's built-in macros were flagged as 'fully trusted' regardless of your chosen security settings – including LibreLogo, which is optional but installed by default). The third and final problem was that LibreLogo sent arbitrary Python code in the document to be interpreted – not just explicitly typed commands.

Keep your PC secure

Together, these three vulnerabilities meant that if you received a document containing malicious Python code, it would run automatically when you opened it without asking for confirmation.

Files carrying a macro virus are often sent as email attachments, so always be skeptical of any attachments you aren't expecting, even if they look benign and are a file type you recognize.

LibreOffice should be set to check for updates automatically by default, but you can check your settings by clicking Tools > Options > LibreOffice > Online Update. Here, you can also select whether the software should check for updates daily, weekly, monthly, or whenever you're connected to the internet.

When an update is available, an icon will appear in the menu bar. The update will begin downloading straight away if automatic updates are enabled; if not, you'll need to click it to start the process.

Cat Ellis

Cat is the editor of TechRadar's sister site Advnture. She’s a UK Athletics qualified run leader, and in her spare time enjoys nothing more than lacing up her shoes and hitting the roads and trails (the muddier, the better)