However, in regards to your comment about Opera not having an auto-updater, they actually added a very good one back in September with the release of Opera 10.

http://help.opera.com/Windows/10.52/en/autoupdate.html

Like or Dislike: 0  1

That said, I’m in no way questioning the load percentage or the ability of iPack to find and target vulnerabilities in Opera. What perplexes me, however, is the wildly disproportionate traffic numbers associated with Opera. As I stated above, Opera’s worldwide market-share is barely 2%. Firefox is roughly 25% and MSIE just above 60%. So why on earth does this sample reflect traffic numbers for Opera that are greater than that of Firefox and just under 50% of that MSIE?

This specific sample provides traffic numbers that are clearly not representative of real world browser use; therefore, I find it difficult to assess the validity of its overall findings.

Like or Dislike: 2  0

Tom — If you’re referring to the larger image at Jorge’s site, I can’t speak to the validity of those numbers. But you’ll see from that image that of 177 times an Opera user hit the exploit pack, 17 times it actually found a vulnerability to exploit. That’s about 10 percent of the time. Not terribly hard to believe, given that Opera does not contain anything close to an auto-update feature. My guess is a large percentage of Opera users surf with older insecure versions (in fact, studies have suggested this is the case with Opera more than any other major browser).

Jorge’s list of exploits doesn’t include mention of an Opera-specific exploit, although the PDF reader plugins et. al can certainly be an effective infection vector with Opera as well. I mention it only because when I wrote about the Eleonore kit that Wladimir was referencing above, I later learned that the version of the kit I was looking at indeed included an Opera-specific vulnerability (I think it was a telnet flaw)

Well-loved. Like or Dislike: 5  1

Since Opera is my primary browser, I also noticed the disproportionate level of traffic and successful loads affecting it. Given Opera’s minuscule worldwide market share, this data just doesn’t make sense. In fact, it really makes me question the validity of the entire data set. Per these stats, Opera’s “traffic” was more than that Firefox and almost half that of MSIE (all versions), yet Net Applications’ April browser market share data shows that Opera currently has barely 2% worldwide penetration.

Like or Dislike: 1  1

Other than a popup that warns you “hey, this PDF wants to run this file”, the code will run and bad things can happen.

With Foxit (until a very recent fix) the exploit would run without even the popup to warn you – The issue is with the PDF specification, not with a program bug.

Like or Dislike: 2  0

Some of the attacks against PDFs were are seeing (not necessarily these) exist across multiple PDF readers. For example, yesterday I blogged about a large-scale spam run that spreads Zeus using the launch feature built into both Adobe and Foxit.

Well-loved. Like or Dislike: 6  0