diff options
Diffstat (limited to 'published/Webmonkey/Monkey_Bites/2007/05.21.07/Wed/opera.txt')
| -rw-r--r-- | published/Webmonkey/Monkey_Bites/2007/05.21.07/Wed/opera.txt | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/published/Webmonkey/Monkey_Bites/2007/05.21.07/Wed/opera.txt b/published/Webmonkey/Monkey_Bites/2007/05.21.07/Wed/opera.txt new file mode 100644 index 0000000..4f3f842 --- /dev/null +++ b/published/Webmonkey/Monkey_Bites/2007/05.21.07/Wed/opera.txt @@ -0,0 +1,10 @@ +<img border="0" alt="Opera2" title="Opera2" src="http://blog.wired.com/photos/uncategorized/opera2.jpg" style="margin: 0px 0px 5px 5px; float: right;" />Opera has dashed off a security fix for Windows users which plugs a critical hole in the browser that allowed attackers hijack Windows machines by feeding them a malicious torrent file. + +According to a [security advisory][1] on the Opera site, "a specially crafted torrent file can cause a buffer overflow in Opera. This allows arbitrary code to be injected and executed." + +The exploit was only possible if users right-clicked on a malicious torrent in the transfer manager. Clicking a torrent link itself would not tricker the flaw. + +Opera patched the flaw in a [security update][2] (version 9.21), which is a recommended download for all Windows Opera users. + +[1]: http://www.opera.com/support/search/view/860/ "Advisory: Malicious torrent files can execute arbitrary code in Opera" +[2]: http://www.opera.com/download/index.dml?opsys=Windows&lng=en&ver=9.21&platform=Windows&local=y "Download Opera 9.21"
\ No newline at end of file |