Security & Privacy

Opera Web Browser Updated for Six Vulnerabilities

Posted on March 28th, 2012 by

The Opera web browser has been updated to version 11.62, fixing six vulnerabilities for the Mac version, several of which were considered “high” risk. An interesting vulnerability that was patched involved Overlapping content [that] can trick users into executing downloads. Opera describes this issue as follows:

Dialogs such as the download dialog are usually displayed on top of page content, to ensure that the user knows that the dialog is requesting attention. In some cases, this policy was not implemented correctly in Opera, allowing certain page content to overlay the dialog. In these cases, clicking the page content causes the dialog to be clicked instead. While an attacker may not have much control over the appearance of the overlapping content, they may be able to use it to trick the user into performing harmful actions, such as running a downloaded executable.

A similar issue whereby small windows could trick users into executing downloads was also patched.

Users can update the software using the program’s built-in updater (choose Opera > Check for Updates), or through it’s auto-updater (this can be turned on in Preferences > Advanced > Security), or from the Opera web site.