Apple has released version 4.0.3 of Safari web browser for the Mac and Windows platform. WebKit issues have been addressed. A buffer overflow within WebKit's ability to parse floating point numbers could be exploited by an attacker leading to DoS or arbitrary code execution. WebKit also allowed for pluginspage attribute of the embed element to reference file URL's from Safari. A redirect to the URL listed in the attributes could allow an attacker to gain access to launch or open files. WebKit will now restrict pluginpage URL's to http or https. WebKit's IDN and Unicode embedded schema could be exploited to create a look-alike URL. This spoofing will appear to be the legitimate domain. WebKit list of known look-alike characters has been supplemented mitigating this exploit.

Apple introduced the Top Sites feature into Safari 4, it was possible for malicious sites to promote using automated actions. The TopSites feature could be used to create phishing attack or enhanced spoofing. safari Update 4.0.3 ensures that sites cannot access or alter Top Sites list.  

Update on Tuesday, August 11, 2009 at 10:29PM by drStrangeP0rk

Users should note that this update does a reboot, including if you run the update on OSX Server.

Update on Thursday, August 13, 2009 at 03:43PM by drStrangeP0rk

Many of these attack vectors required user to interaction with the attacker(direct, server, client, etc.) in some way. User education should never be under estimated. It is part of a overall layered approach to security, in combination with other best practices the risk of these types of attackers are reduced.