In 2013 is Opera gestopt met het ontwikkelen van zijn eigen browser-engine Presto en overgestapt naar Blink, een afgeleide van Webkit. Blink bevat echter geen mailclient, die wel in de 'oude' Opera aanwezig was. Om oude gebruikers tegemoet te komen is onder de naam Opera Mail een losse client gebouwd. Na lange tijd van stilte is er een update verschenen, voor zowel Opera Mail als de oude op Presto gebaseerde browser. In de nieuwe versie zijn oude en als niet veilig bekend staande beveiligingsprotocollen uitgeschakeld en is ondersteuning voor enkele nieuwe toegevoegd.
Opera 12 and Opera Mail security update
We realize that those of you on old operating systems like Windows XP SP1 and older are left without much choice beyond using our Presto-based browser. With security standards on the web changing so much we didn’t want to leave you completely alone (even though we are not updating this product any longer) – we’ve just released an update for Opera 12, the last, stable Presto version.
In order to make your browser, and its mail client, function well on the present-day web, we’ve made a few changes, with a focus on the security aspect. The most important change is the support for ECC cipher suites used in secure connections. Another addition is GCM. Opera 12 now supports the same set of ciphers as other modern browsers. We have seen that many domains are relying on ECC certificates, thus making Opera 12 unable to connect. Similarly most clients using TLS have deprecated RC4 from the list of secure ciphers. We have done the same in this update. There is a setting to turn it back on, in case you need it. Since more servers are supporting TLS 1.2, we have enabled that by default.
Along with the Opera 12 update, we have also decided to update Opera Mail. Recently we were notified of a security issue in the standalone mail client by a security researcher, Zhen Hui Lee from Future Team. This vulnerability may allow code execution on the user’s machine using a carefully crafted message and some specific user interaction. As a company, we are committed to the security of our products, so we took necessary steps to fix this issue.
Those of you who use Opera 12 and Opera Mail should be auto-updated to the latest version soon. Those who prefer offline updates can download the releases of Opera 12 and Opera Mail. You should know that the above-mentioned security issue affects only the Windows version of Opera Mail. Further, as we don’t see a significant number of users of Opera 12 and Opera Mail on non-Windows platforms, we won’t be updating for those.
Finally, even with this security update being issued, we would urge those of you still using Windows XP SP1 and older to upgrade to a newer/supported OS and then to the latest Opera 35. This is essential, since the web is a constantly changing platform and a product not being given any measure of development time cannot stay secure and functional. Today’s websites are also relying on modern technologies and features, which need up-to-date versions of browsers that support them.