Patch/Configuration Management, Vulnerability Management

Opera Software fixes flaw with browser version 9.62


Opera Software on Thursday announced the release of Opera 9.62 which patched a major security flaw in the “history search” page.

“We encourage users to update as quickly as possible,” Opera spokesman Thomas Ford told Tuesday.

The patch comes just days after security researchers Aviv Raff, Roberto Suggi and Stefano Di Paola reported that the browsers "history search" page did not validate user input and left users open to a remote code execution exploit.
An attacker would have been able to create a specially crafted page that would automatically open the history search page and exploit the vulnerability, Raff said. If a victim visited this web page, a trojan would be silently downloaded and installed on the victim's machine.

Opera just released version 9.61 last week, which patched a similar problem on the same local resource — the history search page — that allowed an attacker to view a user's history.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.