The development team at Apple has recently released version 3.2 of the Safari browser. This update does not make the browser work faster, nor does it bring exciting new features to the table. This is purely a security update meant to plug the security holes in the software – all 11 of them. It is important that you update as soon as possible and protect yourself from any potentially malicious attack.

The vulnerabilities in question affect Safari browser 3.1 versions that run on Mac OS X Leopard, Mac OS X Tiger, Windows XP and Windows Vista. So not only are there a lot of vulnerabilities, you are not going to be protected no matter what operating system you use (given of course that you chose to run Windows or Mac OS X and not Ubuntu 8.10). Now this can’t be good news, unless you were waiting for a catch. The catch is that if you are running Mac OS X, some of the issues were dealt with by the Mac update that Apple released back in October.

The total of 11 security vulnerabilities can be divided into two categories: the eight that directly affect the Safari browser and the three that affect WebKit. In the first category we have security issues related to the libxsit library, the heap buffer overflow in CoreGraphics, the unexpected application termination when handling malicious TIFF images and JPEG files, the memory corruption in ImageO, and the autocomplete disabling failure. The WebKit vulnerabilities all have the same outcome: your private, sensitive data may leak out.

One of the new security features in Safari 3.2 that Apple can boast about is “phising protection”. Now I do not mean to belittle Apple or their software product, but this feature was a long time coming. For some users that is enough to get them to switch to other, safer browsers - like Mozilla's Firefox.

If you would like to download the latest Safari software version, Safari 3.2, you can do so here. Alternative download location available here.