Opera may be used as a vector for multiple font issues in the underlying operating system – Opera Security Advisories

Affected versions

This vulnerability may be targeted through Opera for Windows.

Severity

Critical

Description

A flaw in the font handling on the Windows operating system has been fixed by Microsoft – see bulletins MS10-091 and MS10-063. On unpatched systems, Web fonts may be used to exploit this issue through Opera.

Opera’s response

Opera urgently recommends that all Windows users apply the patches from Microsoft, and use fully patched Windows installations.

Credits

Thanks to Marc Schoenefeld of the Red Hat Security Response Team for reporting this issue to Opera Software. The fix for the issue was coordinated by Microsoft’s Security Response Team.