New security patches address three of nine public vulnerabilities.
Stung by the harsh reception to Safari for Windows (beta), Apple today released Safari 3.0.1 for Windows (beta), addressing three flaws. The updated version patches CVE-2007-3186, a command-injection vulnerability that may lead to arbitrary code execution; CVE-2007-3185, an out-of-bounds memory read issue that may lead to an unexpected application termination or arbitrary code execution; and CVE-2007-2391, a race condition that may allow cross-site scripting. The patches are issued for Windows XP and Windows Vista users; these issues do not affect Mac OS X systems.
The latest version can be downloaded from Apple here.