Opera update plugs bug brace
History search vuln exorcised
Posted in Enterprise Security, 5th November 2008 11:37 GMT
Free whitepaper – Extended Validation SSL Certificates
Opera has updated its browser to plug a pair of critical security holes.
Version 9.62 of the browser fixes a vulnerability in the History Search function which creates a possible mechanism for hacker to inject code. The flaw, discovered by researcher Aviv Raff, left Opera users at risk of attack simply by visiting booby-trapped webpages.
The update also fixes a bug involving the handling of javascript URLs in the Links panel. The flaw left surfers at risk from cross-site scripting attacks when visiting web pages containing frames.
Opera 9.62 also incorporates the Opera Presto 2.1.1 user agent engine, as explained in an advisory by the Norwegian software firm here. ®
Free whitepaper – Securing your Microsoft Internet Information Services (MS IIS) web server


The business case for application security
Reducing messaging and web security costs with managed services
Avoiding 7 common mistakes of IT security compliance
Server-gated cryptography
Airport insecurity: the case of lost laptops
Feds: Hospital hacker's 'massive' DDoS averted
Microsoft knew of nasty IE bug a year before attacks
BlockMaster SafeStick hardware-encrypted USB drive