Now PATCHED - Opera Insecure Library Loading Vulnerability

Question

EDIT:   A patched version is now available --- see lower in this thread. The following has been copied/pasted from http://secunia.com/advisories/41083/ DescriptionA [highly critical] vulnerability has been discovered in Opera, which can be exploited by malicious people to compromise a user's system.The vulnerability is caused due to the application loading libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a HTML file located on a remote WebDAV or SMB share.Successful exploitation allows execution of arbitrary code.The vulnerability is confirmed in version 10.61 installed on Windows XP SP3. Other versions may also be affected. SolutionDo not open untrusted files.   EDIT:   As the same vulnerability has been found in Firefox, that means all of the 'Big Three' (IE / FF / Opera) are again simultaneously INsecure :emotion-6:   However, Secunia rates the insecurity in IE as a 'less crtical' category 2 --- meaning that, although imperfect, it would still appear to be a safer choice than risking a 'highly critical' category 4 vulnerability in both FF and Opera.

ky331 · Answer

This vulnerability has been patched, with the release of version 10.62

Virus & Spyware

Was this post helpful?