Opera has patched a brace of critical vulnerabilities with the release of the latest version of its web browser.

The release notes accompanying Opera version 9.60 focused on features such as speed improvements and a cleaner layout for feeds. But underneath the bonnet, a couple of security vulnerabilities have been patched.

Firstly, the improper validation of URLs left users of earlier versions of the browser at risk from code injection attacks. The bug was unearthed by security firm Matasano. More details on the implications of the bug can be found in a bug entry here.

The second flaw involves the unsafe storage of cached Java applets, which created a possible mechanism for hackers to harvest sensitive information.

An quick overview of the flaws can be found in an advisory by security clearing house US CERT here. ®

Related stories

• Opera update plugs bug brace (5 November 2008)
• Opera scrambles to quash zero-day bug in freshly-patched browser (27 October 2008)
• Microsoft, Apple trumpet bevy of critical vulns (10 October 2008)
• Bad hair day for alternative browser users (19 October 2007)
• Opera hit by buffer overflow glitch (19 October 2006)
• Ssshhh! Opera slips out security update (17 June 2005)
• Firefox loses its shine (13 May 2005)