Apple has issued a security update that repairs five vulnerabilities in its OS X operating system and bundled applications.

The patch corrects problems caused by an update published two weeks ago which aimed to repair problems exploited by a series of worms and proof-of-concept code.

The most serious of the flaws could allow an attacker to execute arbitrary code using the Safari browser or Mail application.

Apple does not provide severity ratings for its updates, but security firm Secunia gave the update its highest security rating of 'extremely critical'. 

The latest patch again addresses an issue in which Safari could automatically open a malicious file crafted to look like a safe file type. The update introduces additional checks to files that are downloaded to verify their identity.

The update also deals with file archives containing JavaScript, which in some cases can bypass OS X security settings. The update flags the documents as unsafe, prompting the user before the download.

A second patch prevents buffer overflow attacks through Apple's Mail application that could have been triggered by enticing users to open a specially crafted email attachment.

The patch introduces 'bounds checking' for attachments, ensuring that certain parameters are of the expected size and thereby preventing buffer overflows.

The update also repairs an issue caused by the previous update after the Download Validation feature started warning users when they downloaded file types that should have been labelled as safe.

"These unneeded warnings are removed with this update," Apple said in a security bulletin on its website. 

Users can apply the patch through OS X's software update feature or by manually downloading the file from Apple's website.