Serious security holes fixed in Opera – but Mac App Store users left at risk again

Graham Cluley
Graham Cluley
@[email protected]

Opera and App StoreOpera has released a new version of its web browser – version 12.13 – and recommended that users update their installations to benefit from a series of security fixes as well as the usual “stability enhancements”.

Version 12.13 of Opera for Windows, Mac and Linux is available for download from the Opera website, and you can read about the fixed security issues (including a high severity vulnerability that could be exploited to cause the web browser to crash, and in some cases execute arbitrary code such as malware, and another about how Opera handles boobytrapped SVG files) in their changelog.

It should go without saying that if you use Opera, you should update to version 12.13 as soon as possible.

But… what if you didn’t get your copy of Opera from the official website?

Sign up to our free newsletter.
Security news, advice, and tips.

What if, instead, you acquired your version of Opera for Mac from Apple’s Mac App Store?

Old version of Opera in Mac App store

Well, bad news folks. Because at the time of writing the new, freshly fixed version of Opera isn’t available for you.

The Mac App store still has version 12.11 of OperaWorse still, the version of Opera in the Mac App Store is still stuck at version 12.11.

Which means that Apple hasn’t even updated it to version 12.12 which came out on the 18th December 2012! Who knows when Apple will get around to protecting those poor App Store customers with version 12.13…

In short, the version of Opera on the Mac App store is now a full two versions out of date.

The Mac App Store may be a convenient one-stop-shop for Mac users to get their software from, but it sure does a poor job at keeping that software up-to-date and ensuring that users are protected against the latest vulnerabilities.

Apple's promotion of App Store updatesAnyone who is relying on the App Store to keep their Opera browser updated, and free from security vulnerabilities is being let down badly.

As researchers like Josh Long have described before on Naked Security, the problem here is that Apple is taking too long to approve software it posts into its App Store – making its promise that the App Store “keeps track of your apps and tells you when an update is available” and that “you’ll always have the latest version of every app you own” a joke.

My advice to Opera users is to not get their software from the Mac App Store. Get it directly from Opera’s own website instead.

Some software, such as internet browsers, are simply far too risky to use if you can’t trust them to be the very latest version.

By the way, isn’t it a good thing that Mac users don’t have to rely on Apple for updates to Java anymore?

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.