Opera has patched a brace of critical vulnerabilities with the release of the latest version of its web browser.
The release notes accompanying Opera version 9.60 focused on features such as speed improvements and a cleaner layout for feeds. But underneath the bonnet, a couple of security vulnerabilities have been patched.
Firstly, the improper validation of URLs left users of earlier versions of the browser at risk from code injection attacks. The bug was unearthed by security firm Matasano. More details on the implications of the bug can be found in a bug entry here.
The second flaw involves the unsafe storage of cached Java applets, which created a possible mechanism for hackers to harvest sensitive information.
An quick overview of the flaws can be found in an advisory by security clearing house US CERT here. ®