Apple Safari for Windows now in its fourth beta
Following another revision of its Safari 3 web browser for Windows, Apple is making the fourth beta version available for download just over than three months after the last beta. The company has fixed a number of bugs, some of them critical, and has added new features.
Two security holes enable intruders to inject and execute malicious program code via manipulated websites. One results from flawed handling of the browser's status bar, while the other is caused by the vulnerable version of Freetype that Apple uses. Other vulnerabilities enable cross-site scripting attacks or allow intruders to obtain confidential information. One hole enables content transferred via HTTPS to be accessed within the same domain and even to be manipulated.
Those who have chosen to work with the previous Safari beta despite Apple's warning not to use it in an operational environment, should download and install the latest version as soon as possible. Otherwise, they leave the doors open to anyone wishing to take advantage of these now well-publicised critical security holes.
- About the Safari 3 Beta Update 3.0.4 for Windows, guide to the Safari Beta 4 from Apple
- About the security content of Safari 3 Beta Update 3.0.4, guide to the security holes closed by Apple's Beta 4 version of Safari.
- Download of the latest Safari beta