Opera users should upgrade their browser software following the discovery of multiple security bugs.

Version 9.5.2 of the Windows version of the software fixes seven vulnerabilities, including a startup crash that creates a means for hackers to inject hostile code on certain systems (details here). There's also a fix for a cross-site scripting (XSS) bug, details of which Opera is withholding.

XSS flaws, in general, allow hackers to present the content of third party sites under their control in the context of a site they wish to impersonate. The approach is therefore useful in phishing attacks or other similar scams.

The Norwegian firm has published links to advisories about the other six security fixes. The latest version of the browser includes numerous stability and performance improvements as detailed in Opera's release notes here.

An overview of the vulnerabilities can be found in an advisory by security notification firm Secunia here. ®

Related stories

• Opera update plugs bug brace (5 November 2008)
• Opera scrambles to quash zero-day bug in freshly-patched browser (27 October 2008)
• Microsoft's IE 8 puts giant web hole on notice (20 August 2008)
• Mac users urged to ditch Safari (5 August 2008)
• Mozilla develops browser security metrics (8 July 2008)
• Opera update fixes stability bugs (4 July 2008)
• Built-in browser expiry proposed to fight botnet menace (3 July 2008)
• Browser makers throw up drive-by download barriers (9 June 2008)
• Opera screeches at Mozilla over security disclosure (18 February 2008)