Apple releases second Safari patch in a week

Apple releases second Safari patch in a week
Apple Computer released a second patch in just over a week for its Safari beta for Windows operating system. The company revealed that the latest patch fixes some of the security holes in the previous version and also improves iChat, Mail and Dashboard.

The patch fixes the access problem to window properties, preventing malicious websites from cross-site scripting and can be used for both Windows and Mac OS X versions. While the patch corrects the XSS bug for both the versions, it also fixes vulnerability in the browser for Windows, using which attackers can acquire personal information from users.

The patch was released along with the 2006-07 updates for Mac OS X 10.3 and 10.4 versions. Apple warned users of the Mac versions to download the updates since it fixes the memory corruption vulnerability, which when exploited can give complete control of the Mac to the hacker.

"Visiting a maliciously crafted Web page may lead to an unexpected application termination or arbitrary code execution", the company said. The update also fixes a cross-site scripting flaw (XSS) in the browser, which will direct users to phishing sites, using which hackers can steal valuable information such as credit card numbers or passwords.

The patch can be downloaded from Apple's website or by using the Apple Software Update utility.