The four security fixes are part of a larger Safari 3.0.2 beta release for Mac OS X and Windows. Both packs contain stability fixes in addition to the security update.
Only one of the four vulnerabilities for the Windows version could allow for remote code execution. The flaw lies in the WebKit component used by Safari.
This could be exploited by an attacker to launch an exploit by directing the user to a specially crafted webpage. This page could cause an application crash and give the attacker the ability to install malware on the victim's computer.
Two of the vulnerabilities could leave users open to cross-site scripting attacks, while the remaining flaw gave attackers the ability to spoof legitimate websites.
The fourth vulnerability allows an attacker arbitrarily to edit the information that appears in the URL bar. An attacker could exploit the vulnerability to make a malicious site appear with the URL of a trusted one.
Mac users will see two security fixes in the Safari update. Both the WebKit and HTTP-injection vulnerabilities affect OS X as well as Windows.
The updates also contain stability fixes for 16 performance and stability bugs in Windows and nine in OS X.
Microsoft seizes control of phishing sites linked with Russian state hackers
Fitness trackers over-estimate the number of steps their users take, analysis of 67 research reports suggests
Everything we think we know about the imminent Apple iPhone 9, iPhone 11 and iPhone 11 Plus launches
All the latest rumours about Apple iPhone Displays, CPUs, launch dates and even prices
Nvidia brings Turing microarchitecture into the high-end gaming segment