Apple Wednesday afternoon released an update to its Safari Web browser, addressing a vulnerability that could allow an image file to exploit Macs with older software.
According to Apple, the flaw allowed maliciously crafted images with an embedded color profile to execute arbitrary code, or unexpectedly terminate the application. The issue does not affect Mac OS X 10.6 systems, and was already addressed with Security Update 2009-005 for Mac OS X 10.5.8 systems.
The 36.2MB download is available via Software Update. In addition to the security patch, Safari 4.0.4 is said to offer:
- Improved JavaScript performance
- Improved Full History Search performance for users with a large number of history items
- Stability improvements for third-party plug-ins, the search field and Yahoo Mail
The last update to Safari, 4.0.3, was released in August. It provided stability improvements for Web pages that use the HTML 5 video tag, and fixed issues that prevented some users from logging into iWork.com