Opera closes vulnerabilities
The Opera browser has been updated to version 9.64 which includes several security and stability fixes. The update addresses an extremely severe vulnerability in which a specially crafted JPEG image can cause Opera to corrupt memory and execute arbitrary code.
The release incorporates the Opera Presto 2.1.1 user agent engine. Support has been added for Data Execution Prevention (DEP) for both Windows XP SP2 (and higher) and Windows Server 2003 SP1. An issue where plug-ins could be used to allow cross domain scripting has been fixed. The change log lists a fix to a "moderately severe issue" which will be detailed at a later date.
Opera 9.64 is available to download now and is recommended for all users.
- Specially crafted JPEG images can be used to execute arbitrary code, Advisory from Opera.
- Opera 9.64 for Windows Changelog, from Opera.