Opensource Security

**Name of the Vulnerable Software and Affected Versions** LibreOffice versions 24.2 through 24.2.4 **Description** The issue is related to the Certificate Validation user interface in LibreOffice, which allows a potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened, a warning is displayed by LibreOffice before the macro is executed. Previously, if verification failed, the user could fail to understand the failure and choose to enable the macros anyway. **Recommendations** For LibreOffice versions 24.2 through 24.2.4, update to version 24.2.5 or later to resolve the issue. As a temporary workaround, consider disabling the execution of signed macros until a patch is available. Restrict access to documents with signed macros to minimize the risk of exploitation. Avoid enabling macros from untrusted sources.