The recently-launched Apple browser, Safari for Windows, has received its second lot of patches since its debut earlier this month.
Apple has posted the latest version of the beta software, 3.0.2, on its Web site, containing security fixes as well as other tweaks.
The browser was first released by CEO Steve Jobs at the company's worldwide developer conference earlier this month. Within days, security vulnerabilities had been unearthed by researchers prompting the Mac maker to issue its first patch batch. Just over a week later, and Apple has released a second security upgrade.
The quickly-forthcoming nature of Apple's patches has divided opinion among industry watchers, with some praising the company's quick response to flaws and others criticizing the fact they have appeared at all.
According to James Turner, industry analyst at IBRS, the question of security updates is not likely to be one bothering businesses.
"The majority of Safari users are the people who will readily chop and change their browser. They are the technically advanced, the home users, the curious, and the Apple fanatics. So, the bugginess of Safari is more of an inconvenience to the early adopters, rather than a serious issue. Yes, it’s sloppy, but it’s not that important. The stakes will increase dramatically if the iPhone starts getting similar market share to the iPod," he said.
The second security update fixes a flaw that could allow malware writers to spoof the contents of the browser's address bar, potentially fooling users into divulging sensitive information such as online bank details and passwords. The issue does not affect Macs running the browser.
The latest version of the Safari beta for Windows, available from the Apple Web site, includes improved stability and fixes for text display, non-English systems and start-up times. Its Mac equivalent also contains the security plugs and boosted stability as well as better WebKit support for Apple's Mail, iChat and Dashboard software.
The security element of the Mac Safari patch plugs a hole that could allow cross-scripting attacks to be launched if a user visits a malicious Web site.