Apple Plugs Windows Safari Security Holes
21 Comments
Just days after its beta release of Safari 3 for Windows became a zero-day nightmare with a number of exploitable vulnerabilities, Apple has rushed out version 3.01 to fix three security flaws. The problems only affect Windows, not the Mac OS X release.
The 3.01 update patches a bug that could lead to Safari running arbitrary commands via CMD.EXE, a denial of service crash due to memory corruption, and a flaw that could lead to a cross-site scripting attack. Windows XP and Vista users can download Safari 3.01 from FileForum.