Opera 10.62 Is Out with Security and Stability Improvements
This July, Norwegian developer Opera Software rolled out version 10.6 of its Opera browser. This August the developer updated the browser to version 10.61 to fix a high severity vulnerability that could allow the hacker to execute harmful code and take complete control of a target computer. This September Opera Software has once again updated its browser to version 10.62.
“Opera 10.62 has been released as a recommended upgrade offering security and stability enhancements. Thanks to everyone who helped out with testing! If you are ready for more, we've got some nice things coming up on the 10.70 branch in the coming weeks and months,” announced Håvard K. Moen, tester on the Opera Desktop Team.
SPONSORED LINKS
Opera 10.62 fixes a high severity vulnerability that could allow a person with malicious intent to run arbitrary code by getting the Windows operating system to load a malicious DLL file. Here are the details about this vulnerability that Opera Software released:
Title: Malicious DLL files can be unintentionally loaded and allowed to run arbitrary code Severity: High. Opera Software uses a 5-tier severity rating: none, low, moderate, high, and critical. Description: Opera uses dynamic link libraries (DLLs) of its own, and several provided by the host operating system or plug-ins. In some cases, Opera searches for these DLLs in the same location as a resource that is being loaded, and if a malicious DLL is located, it will load that as if it were a trusted DLL. The code in the DLL will then be executed. If another application can be made to launch Opera in such a way that it searches for DLLs in that location, it will allow remote code execution. To place a malicious DLL in a location that Opera will search, additional techniques will have to be employed.
For security reasons, all Opera 10.6x users are well advised to update to the latest version. Opera 10.62 is available for download here. Changelog for the Windows version available here.
As a little side note, this DLL vulnerability has also been fixed in Firefox 3.6.9.