October 30, 2008

Opera Software fixes flaw with browser version 9.62

Opera Software on Thursday announced the release of Opera 9.62 which patched a major security flaw in the “history search” page.

“We encourage users to update as quickly as possible,” Opera spokesman Thomas Ford told SCMagazineUS.com Tuesday.

The patch comes just days after security researchers Aviv Raff, Roberto Suggi and Stefano Di Paola reported that the browsers "history search" page did not validate user input and left users open to a remote code execution exploit.
 
An attacker would have been able to create a specially crafted page that would automatically open the history search page and exploit the vulnerability, Raff said. If a victim visited this web page, a trojan would be silently downloaded and installed on the victim's machine.

Opera just released version 9.61 last week, which patched a similar problem on the same local resource — the history search page — that allowed an attacker to view a user's history.

Related Articles
Related Topics
Related Links

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.