In association with heise online

13 October 2010, 12:55

Opera web browser 10.6 update closes critical vulnerability

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Opera Logo Opera Software has announced the release of version 10.63 of its Opera web browser, a security and stability update that addresses five vulnerabilities, one of them rated as critical. According to the developers, the latest stable release addresses a critical issue in the browser that allows cross-site scripting (XSS) attacks to take place that could lead to the execution of arbitrary code on a user's system. For an attack to be successful, a victim must simply visit a specially crafted page.

The browser update also fixes an issue that could allow for cross-domain checks to be bypassed, allowing for data theft using CSS. Another moderate issue that allowed private video streams to be intercepted and a bug that caused JavaScript to run in the wrong security context after manual interaction, have been corrected.

Various stability problems, such as a bug that would cause the browser to use 100% of a system's CPU at start-up, have also been fixed. Other changes include updates that improve Opera Unite Messenger and Opera Link reliability. The developers advise all users to upgrade.

Further information about the browser security update can be found in a post on the Opera Blog and in the change logs (Windows, Mac OS X, Unix). Opera 10.63 is available to download for Windows, Mac OS X and Linux from the company's site. Existing users can upgrade using the built-in update function.

As previously reported, the 10.6x branch will be the last release with support for the PowerPC architecture. According to Opera Developer Daniel Aleksandersen, the company is dropping support for the processor technology as only 0.1% of Opera users still use PowerPC-based systems.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-1106968
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit