/>
X
Business

Safari 4.0.2 patches two security vulnerabilities

Apple yesterday released Safari 4.0.2 via Software Update and recommends the update for users on all platforms.
Written by Jason D. O'Grady, Contributor on

Apple yesterday released Safari 4.0.2 via Software Update and recommends the update for users on all platforms.

According to Apple's typically vague "release notes" the 40.2MB update improves the stability of the Nitro JavaScript engine and includes the latest compatibility and security fixes.

According to the knowledgebase article HT3666 the update addresses two security vulnerabilities that could be exploited by maliciously crafted Web sites.

The first security fix addresses a problem in WebKit's handling of parent and top objects which may result in a cross-site scripting attack when visiting a maliciously crafted Web site. The second addresses a memory corruption issue in WebKit's handling of numeric character references. Visiting a maliciously crafted Web site may lead to an unexpected application termination or arbitrary code execution.

If you use Safari 4 as your primary browser the update is highly recommended.

Editorial standards

Related

Southwest, United, and American Airlines have a new enemy -- the internet's ugliest site
Airplane wing in flight

Southwest, United, and American Airlines have a new enemy -- the internet's ugliest site

You can use an AI Time Machine to see what you'd look like in different eras throughout history
Photo renderings of a woman throughout different decades using AI Time Machine

You can use an AI Time Machine to see what you'd look like in different eras throughout history

Garmin's new Index BPM is the blood pressure monitor that I've been waiting for
garmin-index-bpm-lifestyle

Garmin's new Index BPM is the blood pressure monitor that I've been waiting for