According to Apple, the flaw allowed maliciously crafted images with an embedded color profile to execute arbitrary code, or unexpectedly terminate the application. The issue does not affect Mac OS X 10.6 systems, and was already addressed with Security Update 2009-005 for Mac OS X 10.5.8 systems.
The 36.2MB download is available via Software Update. In addition to the security patch, Safari 4.0.4 is said to offer:
- Improved JavaScript performance
- Improved Full History Search performance for users with a large number of history items
- Stability improvements for third-party plug-ins, the search field and Yahoo Mail
The last update to Safari, 4.0.3, was released in August. It provided stability improvements for Web pages that use the HTML 5 video tag, and fixed issues that prevented some users from logging into iWork.com
