WiFi Finder
Locate wireless services by a specific address, city, state, country, airport, or zip code.
Security Flaws Found in New Opera Browser
Opera 7 for Windows could put users' privacy at risk, experts warn, but say it is still safer than Internet Explorer.
Joris Evers, IDG News Service
Security flaws in Opera Software's Web browser could put the privacy of Opera users at risk, an Israeli Web application company warned Tuesday.
The company, GreyMagic Software of Jerusalem, known for its disclosure of security bugs in Microsoft's Internet Explorer browser, detailed what it says are five new vulnerabilities in Opera 7 for Windows, the Web browser software launched a week ago by Opera of Oslo.
Three of the vulnerabilities allow an attacker to browse a victim's hard drive and read any file using a file browser complete with a folder tree and file viewer, GreyMagic said in a statement. The company said the flaws lie in the way Opera handles Javascript and image files and considers the vulnerabilities "critical."
The two other flaws are "severe breaches of privacy" as they can disclose part of the user's browsing history to a malicious Web site operator, GreyMagic said.
Opera was informed by GreyMagic on Friday and plans to release a new version of its browser soon to address the issues, Live Leer, an Opera spokesperson said.
"We have been working on the issues since Friday and we will release a new version either tonight or tomorrow. We want to rectify the issues as soon as possible," she said.
Easy to Exploit
The flaws are easy to exploit, Lee Dagon, head of research at GreyMagic said.
"An attacker would need minimal knowledge in scripting in order to exploit any of these vulnerabilities," he said.
Still, GreyMagic deems Opera a much safer browser than Internet Explorer, even though the latest version of Opera offers expanded support for scripting, which makes it possible for more programming mistakes to occur, Dagon said.
"However, the current impacts of accessing the local computer in Internet Explorer and Opera are very different. Access to the local zone in Internet Explorer gives the attacker almost full control, allowing for execution of arbitrary commands. Opera does not have such features, but it still allows for plenty of mischief," he said.
Opera has only a small share of the Web browser market, which is dominated by Microsoft with a 95.2 percent share, according to Web analytics company OneStat in Amsterdam. Opera 7 achieved a global usage share of 0.03 percent in the first week of its launch, according to OneStat.
- Sponsored Resource:Improve your network with the right mix of features, performance and pricing.
- Sponsored Resource:Growing your business requires the right tools. Dell's networking servers can help.
- Sponsored Resource:Thinking about a new Laptop? Lenovo has models to meet everyone's needs.
- Sponsored Resource:Twitter: A how-to guide for using Twitter as a business tool.
- Sponsored Resource:Smartphone security threats are on the rise. Is it time to safegaurd your device?
Print 65% more pages than with refilled inks. Trust Original HP Inks. Hit Print Reliably.
Solve Tech Issues Fast
People who read this also read:
Best Prices on Antivirus Software
Norton AntiVirus 2009 (Full Product)Price: $14.94
VirusScan Plus 2009 (Full Product)Price: $9.99
Anti-Virus 2009 (Full Product)Price: $13.42
VirusScan Plus 2009 - 3-User (Full Product)Price: $13.95
McAfee VirusScan Plus 2008 (Full Product)Price: $3.23
NOD32 AntiVirus 3.0Price: $32.97
- 2007 Microsoft Office Suites Comparison This paper compares and contrasts four suites of the 2007 Microsoft Office system: Microsoft Office Standard 2007, Microsoft Office Professional Plus 2007, Microsoft Office Enterprise 2007 and Microsoft Office Ultimate 2007. This paper is intended to help organizations understand the applications and capabilities offered, and to identify the suite that best fits their needs.
- Windows Vista Migration: The Business Proposition It's not so much a matter of "if" but "when" for most organizations regarding migration to Windows Vista. Laying the groundwork now for this migration can yield higher ROI than waiting until later. This Computerworld Technology Briefing explains it all.
