Opera Software has just released Opera 10.54, which is a highly recommended security update. This release fixes multiple security issues, including one which allowed Opera to be used as a vehicle for exploiting a flaw in font handling in Windows operating system. Here is the full changelog:
- Prevented Opera from being used as a vector for a font issue in the underlying operating system, as reported by Microsoft’s security team; see our advisory.
- Fixed an extremely severe issue; details will be disclosed at a later date.
- Fixed a highly severe issue; details will be disclosed at a later date.
- Fixed a moderately severe issue; details will be disclosed at a later date.
- Fixed a less severe issue; details will be disclosed at a later date.
As you can see, the Norwegian browser maker has been surprisingly vague while describing the security vulnerabilities that have been fixed in this release. The most probable reason for this is “responsible disclosure”. Opera’s changelog strongly hints that other applications (most probably browsers) are also vulnerable to the same exploits.
Last week, Opera Software released Opera 10.60 Beta 1, which propelled Opera to the front of the pack once again, in terms of rendering speed. The good news is that, if you are using Opera 10.60 Beta 1 or a newer build, you are already protected and you don’t need to downgrade to Opera 10.54.
[ Download Opera 10.54 ]
Yet another week and yet another major release from the folks at Opera Software. This time it’s the Mac users who have reason to celebrate. Opera 10.52 for Mac, which is the first stable build of the Opera 10.5x trunk for Mac, has been released.
Some of the highlights of this Mac release are:
- Improved UI: Opera 10.52 looks like a native Macintosh app and behaves like one, thanks to the Cocoa integration. The design has been overhauled to include a unified toolbar and other miscellaneous improvements.
Opera 10.52 for Mac: Peacekeeper Results
Opera 10.52 for Mac: Impact of Turbo onf Page Load Time
When coupled with Opera Turbo, which compresses webpages before routing them to your computer, Opera 10.52 can deliver blazing fast browsing speed.
- Multi-touch Support: Opera 10.52 also introduces multi-touch support, which takes advantage of the multi-touch trackpads present in modern Macbooks. Pinch to zoom or use two fingers to scroll and three fingers to navigate back and forth in your browser history, all from your trackpad.
The Windows build of Opera 10.52 mainly delivers bug fixes and performance improvements. Linux users have been left out for now. Nevertheless, Opera 10.5x for Linux has been making steady progress over the past few weeks and expect a final build within a few weeks.
[ Download Opera 10.52 for Mac or Windows ]
Opera Software has just released Opera 10.51 for Windows, which is a recommended security and stability update. As suggested by its version number, the changes are mostly under the hood and there are no new features.
This build addresses a couple of highly critical security issues, including the malformed HTTP Content-Length header issue, which we had discussed earlier;. The other security issue is related to XSLT (XSL Transformations). Due to a bug, it was possible to use certain XSLT constructs to retrieve random contents of unrelated documents (including sensitive data from previously visited websites).
The official changelog is fairly big and a large number of UI inconsistencies and bugs have been quashed in this release. Opera 10.51 can be downloaded from opera.com/download.
Opera is one of the really good browsers out there. The browser features many in-built capabilities like managing chat sessions on IRC, reading RSS feeds and working with browsing sessions apart from a common tabbed interface and a state of the art UI.
The browser has a serious and simple security hole which allows causing a buffer overflow by setting a particular header length for any HTTP packet. The exploit Opera crash if insufficient. The hack was discovered by Marcin Ressel, who is an author at hackown.
The vulnerability is caused due to an error when processing HTTP responses having a malformed “Content-Length” header. This can be exploited to cause a heap-based buffer overflow via an overly large 64-bit “Content-Length” value, having the higher 32-bit part negative.
[ Source ]
According to current reports, only version 10.5 of the browser is vulnerable to this type of an attack. The attack though, has no other impact than crashing the browser. The solution to the crash, is to enable DEP which prevents buffer overflows in software.
This bug was discovered at Vupen Security and they are claiming that hack can be used to remotely execute malicious codes and use remote computers as botnets which is quite contrary to what Opera officials are claiming.
Opera recently released the Opera 10.5, the fastest browser on earth. If you are someone who lives out of a USB stick, you do not need to download and install the Windows version. Previously mentioned Portable Opera, have released a new standalone version of Opera 10.5 which you can run from a USB drive.
If you have already been using an earlier version of Opera Portable, you can also download an updater, which will update your current install to Opera 10.5.
The portable version can also be used to try out Opera 10.5 without having to actually install it on your system. Either ways, I highly recommend Opera 10.5 to users as it is definitely the fastest browser available today.
Download Opera 10.5 for USB [via Download Squad]