Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Apple Mac users could be using an outdated, vulnerable version of Opera.
According to research by Joshua Long, the Apple Mac Store is not alerting users to security risks who may continue to use an unsafe version of the Opera browser.
Opera released a fix for a ‘critical' security issue recently but version 11.0.1, released back in March that is vulnerable to the security bug patched in 11.11, could still be used.
“Users who rely on the App Store to tell them whether their software is up-to-date may not be aware of the security risks and may continue to use an unsafe version of the Opera browser," Long said.
“I have notified Apple and Opera about this issue. An Opera representative acknowledged that ‘we are waiting for the App store to approve the next version of Opera for Mac. For now the only solution is to go to www.opera.com/download'.”
In a blog, Long also claimed that the current version of Amazon's Kindle app is 1.5.1, while the version in the App Store is still 1.2.3, which was released in January.
“Amazon does not publicly disclose its changelog, so there is no easy way to know whether any security issues exist in Kindle for Mac version 1.2.3”, he said.
He recommended dragging an outdated app from your applications folder into the Trash (which will require an administrator password due to the way the App Store installs apps), then drag the current version of the application from the developer's website into the applications folder.
“Put in simple terms, Apple seems to be falling short of the promise it makes in its promotion of the App Store that it ‘keeps track of your apps and tells you when an update is available' and that ‘you'll always have the latest version of every app you own', Sophos senior technology consultant Graham Cluley said.
“So the key question is, how quickly is Apple going to approve the latest Opera update and other software which might have been updated to secure against critical security vulnerabilities, for the App Store?
“Because if Apple can't update software containing critical security patches to the App Store in a timely fashion, users might be wiser getting their software via a more conventional route.”
This article originally appeared at scmagazineuk.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.