Opera Rushes Out Another Security Fix

Alternative Web browser firm Opera has rushed out a new version to plug
“extremely critical” security flaws that lets intruders load and execute
malicious code on vulnerable machines.

For the second time in as many months, Norway-based Opera Software was
forced to push out a new version of its Opera 7 browser because of issues
surrounding security. The latest bug, which affects both versions 6.x and
7.x, was detected in the browser’s handling of filenames when showing the
“Download Dialog” box.

“The problem is that very long filenames are handled incorrectly. This
allows a malicious website to create a filename that causes a buffer
overflow which can be exploited to execute arbitrary code,” according to an
alert from IT security
services firm Secunia.

In releasing the new Opera 7.03 version,
the company confirmed the Secunia findings.

Secunia warned that exploits for the vulnerability are in the wild for
Windows, noting that “exploitation does not require user interaction as
Web sites can spawn the “Download Dialog” automatically.”

Just last month, Opera confirmed
five security holes
in its flagship browser, three of which were
considered “critical.”

In conjunction with the security fix in version 7.03, the company
announced the launch of its Opera
for Higher Education Program
, an initiative that allows schools to
register multiple licenses at reduced prices.

Opera, which sells an ad-free version of the browser for $39, said the
program is a hit with big-name schools like the Massachusetts Institute of
Technology (MIT) Media Lab, Harvard Law School’s Berkman Center, the
University of Illinois in the United States; the University Of Darmstad and
the University of Cologne, both in Germany; and the University of Cardiff,
Wales.

Like many others in the technology space, most noticeably Microsoft
and Sun Microsystems, Opera is
cozying up to the educational institutions to win adoption for its browser,
with competes directly with Microsoft’s Internet Explorer, AOL’s Netscape
and the open-source Mozilla project.

Opera said the University of Illinois at Urban-Champaign had already
deployed more than 40,000 licenses and described the reception by the
educational community as “absolutely fabulous.”

“Many institutions are relieved to finally be able to deploy a good
browser alternative campus-wide,” said Mary Lambert, Opera’s product line
manager desktop.

The Opera for Higher Education Program lets universities and colleges
register and use the browser ad-free for as little as $1.00 per license
compared to the $39 regular license price. Opera is available for free in an
ad-supported version.

Get the Free Newsletter!

Subscribe to our newsletter.

Subscribe to Daily Tech Insider for top news, trends & analysis

News Around the Web