Opera Software confirms it is developing a patch to fix a serious security vulnerability in its Opera desktop browser software. The Norwegian browser vendor does not provide a timetable for fixing this security vulnerability. However, a spokesman for Opera says the company will release the patch as soon as possible. Secunia, a security vulnerability tracking vendor in Denmark, lists this vulnerability as a "very serious" level security vulnerability. This is the second most serious security vulnerability among the five security vulnerability levels. Attackers can exploit this security vulnerability to destroy memory, cause Opera Browser to crash, and theoretically execute attack code.
According to researchers who last week published proof-of-concept attack code on the Internet, this security vulnerability affects Opera 10 and the latest version of Opera 10.50 browser software last week.
Opera once denied the Initial Report on the security vulnerability of Secunia, saying that this software flaw is not a security issue because attackers can only cause a browser crash and cannot control the user's PC. At the tip of Secunia and after further investigation, Opera acknowledges that this security vulnerability can be exploited.
Opera Spokesman Thomas Ford said the vulnerability still caused a browser crash in a 64-bit environment. However, in a 32-bit environment, this vulnerability can be used to move the memory from one location to another without causing software crash. Ford belittle this danger, saying that any code that exploits this security vulnerability may not be able to reliably threaten users.
Ford said that this problem is considered a security issue. Even if this vulnerability is still theoretically available, we are also preparing to provide a patch and testing the patch. We plan to release an Opera Software Update soon.
Related Articles]
- Is Opera, IE, and Firefox safer than Safari?
- Who is the safest browser, Internet Explorer?
- Download: Safari 3.1 browser released by Apple