Web www.software-risk.co.uk

A beta of the new Opera browser has been released. A flaw that allowed for potential phishing attacks has been closed.

Previously Opera supported Internationalised Domain Names (IDN). Unfortunately, the protocol allowed the bad guys to direct users from a trusted site to a fake one. Users would then be requested to divulge information, particularly user names and passwords.

The vulnerability centred on on the font used by Opera to display certain international characters. Other browsers affected include the popular Firefox from Mozilla.

Ironically the much maligned Internet Explorer was not affected, as it never supported IDN.

Opera's fix depends on the domain name. Only localised domains from certain selected top level domains (TLDs), with strict policies are displayed.

Security certificate support is also increased.

The download is available here.

Related Articles
Online Fraud Surges
Iconix Joins Anti-Phishing Working Group
BLAST Beta Tested
Phishing Growth Continues Unabated
Digital Insight Beefs Up Security
Anti-Phishing Group Pushes Washington
Identity Theft Concerns Hit Online Economy
Internal Attacks Surpass External

Similar Areas

Web Items

Security Items

Finance Items

Internet Items

Internet Security Items

Selected Books

Keywords

Opera

beta testing

phishing

Internationalised Domain Names

IDN

Opera vulnerability

IDN vulnerability

open source browsers

TLD