Safari v4.0.5 reportedly fixes a number of security issues on the Windows and Mac OSX platform versions of its browser, and includes remediations for a total of 16 security vulnerabilities.
The new version has been welcomed by most quarters but, says Graham Cluley, senior technology consultant with Sophos, Safari users should update their browsers – regardless of platform – without delay.
"If you dilly-dally over updating your computer, it's possible that hackers could exploit the security bugs – including some that could mean that simply visiting a webpage with a maliciously crafted image could lead to malicious code being automatically run on your computer", he noted in his security blog.
According to Cluley, one of the bugs (CVE-2009-2285) fixed in Safari 4.0.5 was announced and patched in Mac OS X 10.6.2 back in December 2009, and in Mac OS X 10.5 since January.
This means, he says, that Windows users of Safari have been vulnerable for over two months in the way their browser handles booby-trapped TIFF images.
"But it doesn't matter whether you own a Mac or PC, if you run Safari the message is clear: It's time to update your browser and ensure that you are protected against hackers exploiting the security holes detailed in the security advisory on Apple's website", he said.