Thursday, July 9, 2009

Safari Update Now Available for Download

Apple has released Safari version 4.0.2 for Mac OSX 10.4 and 10.5, Windows XP, Vista, and 7 beta which, according to the release notes, improves the stability of its Nitro JavaScript engine, and also includes two security fixes.

The said security fixes addresses the issue on Webkit's handling on the parent and top objects which may result in a cross-site scripting attack when visiting a maliciously crafted website, as well as its handling of numeric character references which causes memory corruption. Apple has posted a knowledge base article on these two vulnerabilities, and more information can be found here.

This 40MB update is available via Software Update, or by manual download in the Apple website.