Opera Software on Thursday updated its Windows browser to patch three security vulnerabilities.
According to the change log posted by the company, Opera 8.02 fixes a trio of bugs, including a pair that Danish vulnerability tracking company Secunia tagged as "moderately critical."
One of that pair lets attackers spoof the file extension of a downloaded file, a way to trick a user into pulling down an executable file by disguising it as, say, an image file. Because that vulnerability relies on the Arial Unicode MS font, users who have installed Microsoft Office are most at risk, said Secunia.
The other critical vulnerability involves a cross-domain scripting bug, but requires the attacker to convince a user to drag and drop a malformed filed onto an Opera window.
The third patched vulnerability closes a link hijacking gaffe in the browser.
Opera 8.02 also sports improvements in the browser's spell checker and in how files are downloaded from Web sites, Opera said.
The update can be downloaded from the Opera site.