Opera is a browser that I have often mentioned whenever vulnerabilities in Internet Explorer has been published (which happens a lot more often than I comment on it, but thats a digression).
But all was not good in the paradise of the Opera browser I found out today.
The Register writes:
vulnerability in Opera 6.01 and 6.02 for Windows allows a malicious Web site to grab any file off a client’s local drive with ease, GreyMagic Software has discovered. That’s the bad news. The good news is that affects only Windows, and it’s fixed in version 6.03 which is now available for download. Version 6.0 is not affected.
If you are using Opera, it would be wise to go get it updated.
[Via The Register]
It would be good to get updated, true, but I think you’re still likely in a safer position with Opera… because there are fewer people using this browser it is less likely than a malicious site would find it valuable to exploit this vulnerability.
Looked at another way, a monoculture is more susceptible to infestation than a diversified ecosystem would be…?
I think its naive to think someone wouldn’t take advantage of a highly publisised vulnerability, even in a browser with just a few prosent penetration in the browser market. Add those few prosent up, and you are very likely to come accross users of the browser if you run a site with a fair amount of traffic (and one that can be accessed with someone other than the very latest release of Internet Explorer, of course).
Granted. Its more interesting to target vulnerabilities in a browser with the penetration that Internet Explorer has. Which makes me wonder why I am still using the IE browser regulary – fully knowing that it has some serious security vulnerabilities that have yet to be fixed. I guess I am pretty naive too.