Apple has shipped Safari 5.0.2 and Safari 4.1.2 with patches for three gaping holes that expose Web surfers to drive-by download attacks. The browse-and-you re-hacked vulnerabilities affect both Windows and Mac users, Apple warned in an advisory. Two of the three vulnerabilities affect WebKit, the open-source rendering engine that powers Apple s Safari and iTunes software products. The vulnerabilities are the DLL load hijacking issue that haunts hundreds of Windows applications.
Source: https://threatpost.com/apple-plugs-safari-drive-download-security-holes-090810/74438/

