Apple has released an update to its Safari browser to fix two security flaws that could allow cross-site scripting or code execution attacks by compromised websites.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The vulnerabilities in the open source WebKit browser engine affect Safari for Windows (XP and Vista) and Mac OS X, according to the Apple support site.
Safari 4.0.2 has improved handling of "parent and top objects" and improved handling of "numeric character references" to address these vulnerabilties, said Apple.
Safari 4.0.2 is available via the Apple Software Update application or Apple's Safari download site.