Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Heads up Opera users. New Vulnerability.

08 Mar 2010   #21
Carbonyl

Windows 7 RTM
 
 

Quote   Quote: Originally Posted by sa1 View Post
Don't know why I am not configured to receive PMs but I didn't find an option.
However I found the php exploit on the web.
I was not able to make it run on my localhost. Not sure if there are any requirements.
Regarding the DoS problem, thats not a security issue in my opinion, more a stability issue. You won't be compromised that way.
Edit: haavard posted yet another message:
Twitter / Haavard: Our devs have looked furth ...
Interesting. Thanks for the information.

Not sure if you're still following this thread, or the one over on the Opera boards, but someone dropped a link to a PoC exploit that made some of the user's anti-virus go nuts. Since the intrusion in question was labeled as a Trojan, and since the vulnerability itself is too new to have been picked up by A/V vendors, it's a good bet that someone was using this new exploit to distribute old malware. I'd say remote code execution is possible and confirmed.


My System SpecsSystem Spec
.
09 Mar 2010   #22
sa1

Win XP
 
 

I don't know how antiviruses work but the link contained the same PoC code that I had earlier seen. That link itself linked just to a security site containing the PoC and didn't make the php even run so the AV was likely detecting the php code itself and not any other code getting executed. If malware sites had begun using the code in their sites, a malicious link observed in the wild would have had come up by now. I feel its still a potential exploit rather than a known one and I hope that a patch comes up soon.

Though this is offtopic those complaining about Win7 integration, you can disable it via this config option:
opera:config#UserPrefs|UseWindows7TaskbarThumbnails
(Paste and go on your address bar.) and those complaining about adblock on opera,
http://www.fanboy.co.nz/adblock/opera/
which works as well as ABP on ff except that you have to manually update the file once in a while.
My System SpecsSystem Spec
09 Mar 2010   #23
zezasu

Windows Seven x64
 
 

Quote   Quote: Originally Posted by sa1 View Post
I don't know how antiviruses work but the link contained the same PoC code that I had earlier seen. That link itself linked just to a security site containing the PoC and didn't make the php even run so the AV was likely detecting the php code itself and not any other code getting executed. If malware sites had begun using the code in their sites, a malicious link observed in the wild would have had come up by now. I feel its still a potential exploit rather than a known one and I hope that a patch comes up soon.

Though this is offtopic those complaining about Win7 integration, you can disable it via this config option:
opera:config#UserPrefs|UseWindows7TaskbarThumbnails
(Paste and go on your address bar.) and those complaining about adblock on opera,
Fanboy's Adblock List for Opera
which works as well as ABP on ff except that you have to manually update the file once in a while.
Thanks for the tip, that wasn't an option before. Never checked it again. ^.^
My System SpecsSystem Spec
.

10 Mar 2010   #24
sa1

Win XP
 
 

My System SpecsSystem Spec
Reply

 Heads up Opera users. New Vulnerability.




Thread Tools




Similar help and support threads
Thread Forum
Heads up for Gadget users
I went to MS site to check upgrade just for the heck of it and all gadgets are gone. Tried reinstall and not only did I have to be admin, which I am, I was told to go and beg "trusted installer" for permission . System restore to the rescue. They are all back. Art.
Customization
Heads up for Gmail Users
I noticed this behavior with my Gmail late last week: There is another more involved thread here: Sender Address No Longer Appears When Hovering Over Sender in Inbox The Moderators there have escalated the concern to the Gmail Team, and I will be monitoring the thread for any updates.
Browsers & Mail
Highly Critical Vulnerability Discovered in Opera 10.52
Patch available. See link in Security - https://www.sevenforums.com/system-security/81676-highly-critical-vulnerability-discovered-opera-10-52-a.html#post710978
Browsers & Mail


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 11:01.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App