14 DAY TRIAL // The serious Opera vulnerability everyone was talking about for a few days has been patched with the release of the 11.52 version. The release also comes with an explanation to the fact as why the vendor ignored the issue.
“At Opera, we take security very seriously, and you can be sure that we would not choose to ignore exploitable security vulnerabilities,” said Sigbjorn Vik on Opera's security blog before further explaining the situation.
Their side of the story reveals that in April they were contacted by a group of security researchers (probably Vazquez and his team) who informed them of some weaknesses in the browser. By the time the 11.11 variant came out, most of the issues were fixed, except for the one mentioned recently.
According to Sigbjorn, the extensive tests they made could not reproduce the SVG problem to show the flaw so they reached out to the research team for further explanations.
“Among other things, we asked if there was a known way to reproduce it in then-current Opera releases. No further information could be obtained,” the representative wrote.
They blame Vazquez for being irresponsible as he should have contacted them first, instead of putting so many users at risk.
“In this case, the issue had only been confirmed for older versions of Opera, not the current version at the time of it being reported, and the recently published information contained details that were not included in the original report, and which appear to be relevant to reproducing the issue,” Sigbjorn added.
It's uncertain if a communication error is behind the misunderstanding or some other reason. The only clear thing is that Opera customers should immediately update to the newer version to avoid any unpleasant incidents that might affect the integrity and safety of their digital assets.