Opera update quietly fixes bug brace
Print storyShh, we're guarding against 'severe' vulns
Posted in Enterprise Security, 10th October 2008 10:18 GMT
Free whitepaper – Extended Validation SSL Certificates
Opera has patched a brace of critical vulnerabilities with the release of the latest version of its web browser.
The release notes accompanying Opera version 9.60 focused on features such as speed improvements and a cleaner layout for feeds. But underneath the bonnet, a couple of security vulnerabilities have been patched.
Firstly, the improper validation of URLs left users of earlier versions of the browser at risk from code injection attacks. The bug was unearthed by security firm Matasano. More details on the implications of the bug can be found in a bug entry here.
The second flaw involves the unsafe storage of cached Java applets, which created a possible mechanism for hackers to harvest sensitive information.
An quick overview of the flaws can be found in an advisory by security clearing house US CERT here. ®
Free whitepaper – Securing your Microsoft Internet Information Services (MS IIS) web server
The business case for application security
Reducing messaging and web security costs with managed services
Avoiding 7 common mistakes of IT security compliance
Server-gated cryptography
Airport insecurity: the case of lost laptops
Feds: Hospital hacker's 'massive' DDoS averted
Buggy 'smart meters' open door to power-grid botnet
Microsoft knew of nasty IE bug a year before attacks
BlockMaster SafeStick hardware-encrypted USB drive