Critical browser vulnerabilities over the weekend


    Over the weekend, two exploits using critical vulnerabilities for Internet hit the Internet: IE 6.x / 7.x and Opera. Under cat examples and solutions

    1) IE 6.x / 7.x

    The vulnerability allows a visit to a specially crafted web page to cause the application to crash and execute arbitrary program code. The

    exploit will lead to IE crash (6/7)

    Remedy: currently not, or install the latest version of IE 8

    2) Opera

    In Opere 10.01, due to improper allocation of memory for floating point numbers, a specially formed web page can cause memory corruption and arbitrary program code execution in the context of the running application.

    An exploit (assigning a variable number with a very long decimal part) ( link )

    (This is not HTML, but PHP code) causes a crash for versions 10.01 (the latest available at the moment), possibly earlier.

    Remedy: The vulnerability was fixed in Opera 10.10 Release Candidate 3, in the near future the final version is expected from the manufacturer Opera SoftWare

    So be on the alert and always use only the latest software versions (especially browsers)

    UPD .:
    Opera 10.10 released, Upgradeable

    Also popular now: