Critical Fix for the Opera browser, New Winamp Flaw
Opera today released an update to its Web browser that closes a number of security holes, including one the company rates "Extremely Severe."
The flaw would allow a specially crafted jpeg image to crash Opera and run any command on your PC, which is about as bad as it gets: If you browsed a site with one poisoned image, you could end up with malware.
The new version, 9.64 (release notes), also adds support for two Windows security mechanisms, Data Execution Prevention (DEP) in Windows XP and Address Space Layout Randomization (ASLR) in Windows Vista. So if you use Opera, get this must-have fix by clicking Help | Check for Updates. Opera still annoys with a lack of an auto-update feature, so you'll have to download and run the 5.4 MB installation file to upgrade.
Meanwhile, Secunia warned today of a security flaw in the Winamp media player that can also allow an attacker to have his way with your PC if you open a malicious CAF audio file. Secunia reports that the flaw exists in the latest downloadable version, 5.55, as well as 5.541 and possibly other versions as well. And there's no word yet of a fix, so be extra careful with CAF files.
News - Critical Fix for the Opera browser, New Winamp Flaw