We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,696 News Articles

Opera struck by bizarre hidden hole

Latest browser to suffer

A bizarre security bug in the Opera web browser could trick users into running malicious code, security experts have warned. The hole is similar to one discovered in Internet Explorer and patched by Microsoft only yesterday.

The flaw involves the way Opera processes mouse clicks in new browser windows, according to Secunia. The mouse-click bug can be used to hide a "File Download" dialog box underneath a new browser window, which responds to mouse clicks even though it isn't visible.

Because the "Run" button of the dialog box appears in a predictable position, an attacker could trick the user into activating it by clicking in a specific area in the new browser window, Secunia said.

"This will result in an unintended click of the "Run" button in the hidden "File Download" dialog box," the company said in an advisory.

Secunia notified Opera of the bug in June, and it was fixed in July, but disclosure was delayed while Microsoft fixed a similar bug in Internet Explorer, Secunia said.

The flaw is eliminated in Opera version 8.02, available from Opera's website. Version 8.01 is affected, and previous versions are likely to be affected as well, Secunia said.

This story first appeared on Techworld.com


IDG UK Sites

Motorola Moto G2 release date, price and specs: Best budget smartphone gets upgrades

IDG UK Sites

How to join Apple's OS X Beta Seed Program: Get OS X Yosemite on your Mac before public release

IDG UK Sites

Why the BBC iPlayer outage was caused by a DDoS attack: Topsy and Tim isn't *that* popular

IDG UK Sites

How to make an 'Apple iWatch' using an iPod nano and a 3D printer