Apple pushes a vulnerable Opera browser

By on
Apple pushes a vulnerable Opera browser
Lara604, CC2.0

Apple users might ditch the App Store and go it alone, experts say.

Apple Mac users could be using an outdated, vulnerable version of Opera.

According to research by Joshua Long, the Apple Mac Store is not alerting users to security risks who may continue to use an unsafe version of the Opera browser.

Opera released a fix for a ‘critical' security issue recently but version 11.0.1, released back in March that is vulnerable to the security bug patched in 11.11, could still be used.

“Users who rely on the App Store to tell them whether their software is up-to-date may not be aware of the security risks and may continue to use an unsafe version of the Opera browser," Long said.

“I have notified Apple and Opera about this issue.  An Opera representative acknowledged that ‘we are waiting for the App store to approve the next version of Opera for Mac. For now the only solution is to go to www.opera.com/download'.”

In a blog, Long also claimed that the current version of Amazon's Kindle app is 1.5.1, while the version in the App Store is still 1.2.3, which was released in January.

“Amazon does not publicly disclose its changelog, so there is no easy way to know whether any security issues exist in Kindle for Mac version 1.2.3”, he said.

He recommended dragging an outdated app from your applications folder into the Trash (which will require an administrator password due to the way the App Store installs apps), then drag the current version of the application from the developer's website into the applications folder.

“Put in simple terms, Apple seems to be falling short of the promise it makes in its promotion of the App Store that it ‘keeps track of your apps and tells you when an update is available' and that ‘you'll always have the latest version of every app you own', Sophos senior technology consultant Graham Cluley said.

“So the key question is, how quickly is Apple going to approve the latest Opera update and other software which might have been updated to secure against critical security vulnerabilities, for the App Store?

“Because if Apple can't update software containing critical security patches to the App Store in a timely fashion, users might be wiser getting their software via a more conventional route.”

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?