2011/04/20

Security Report: OpenOffice or Microsoft Office?

The number of errors and exploitable vulnerabilities in the individual  Microsoft Office versions has dramatically in recent years  taken off and is even below that of OpenOffice. This is the result  are independent of the security specialist Dan Kaminsky and  Will Dormann of CERT at Carnegie Mellon University came. The  Results are, however, with a little caution to enjoy being on  automatic evaluation susceptible of concrete slightly above the  Potential threat to testify.

Both studies used for their fuzzing tools to more  to create ten thousand bad doc files, they in the Office  To download products and the reaction with the Microsoft tool "! exploitable  Crash Analyzer to evaluate. "Kaminsky Dormann and were finally  Number of crashes and the Crash Analyzer as weaknesses  classified errors exploited for attacks, or suspected  can be exploited. The tool takes this view, however,  automatically before.

The number of exploitable vulnerabilities in Microsoft's Office suite has  declined considerably from 2003.  Image: Dan Kaminsky Dormann has Office XP Office 2003 and 2007  up to Office 2010 registered a steady decline of the crashes. In addition,  the number of exploitable vulnerabilities decreased from seven to zero  continuously. When he compared only the OpenOffice versions 3.2.1 and  3:30 RC7, with the number of crashes and exploitable bug (from 18 to  15) within the product but declined to but still significantly  was higher than those of Microsoft Office.

Kaminsky is with his attempts to drastic statements: while  Office 2003 still has 127 (potentially) exploitable vulnerabilities, bagged  the number for Office 2007 from Office 2010 to 12 and at 7. In  Comparison showed that in 2003, available OpenOffice version  (Version 1.1) 73 vulnerability, which in 2007 62 and 2010  20 fell.

Kaminsky and Dormann, conduct themselves in interpreting the results  back. From the perspective of Kaminsky, the situation has improved.  What is the reason, can open both. With Microsoft expected  the introduction of the Software Development Lifecycle an essential  Role as the manufacturer in this particular context and processes  has tools to increase the safety of its established products.

However one can not overstate the results. On the one  they seem to vary so greatly, and similar tests for other  Microsoft's products are still more in the focus of attackers  as OpenOffice. Thus, the risk of infection is even less  Weak points higher. That may change, however, soon, when the  Support for Office XP runs (12 July 2011) and enterprises and  Users to newer versions of Office switch. It tries to  others, the "Office File Validation" prepared to load files  . Prevent The function is available for the last Patch Tuesday and Office  2003 and 2007.

9 comments:

SweetShop said...

I prefer Microsoft Office - pretty much does the work for you.

fit4life said...

i agree with sweet shop, Microsoft office does the work for you, you hardly have to do anything

Glovey said...

Awesome blog man! Keep up the great work!

Aamir Muhammad said...

Open office its free and does the same thing if not better

lacrosseman said...

Microsoft office

Splattercore said...

I have been using open office for a while now. I find it alot more user friendly. Also the free aspect is not too bad either.

KungPao said...

I've been microsoft office until now but maybe i should check out open office

Eric Peterman said...

to be honest, i rather not use either haha but if i HAD to pick id pick microsoft office

Anonymous said...

After getting more than 10000 visitors/day to my website I thought your freezour.blogspot.com website also need unstoppable flow of traffic...

Use this BRAND NEW software and get all the traffic for your website you will ever need ...

= = > > http://get-massive-autopilot-traffic.com

In testing phase it generated 867,981 visitors and $540,340.

Then another $86,299.13 in 90 days to be exact. That's $958.88 a
day!!

And all it took was 10 minutes to set up and run.

But how does it work??

You just configure the system, click the mouse button a few
times, activate the software, copy and paste a few links and
you're done!!

Click the link BELOW as you're about to witness a software that
could be a MAJOR turning point to your success.

= = > > http://get-massive-autopilot-traffic.com