updated 02:30 pm EDT, Thu April 14, 2011
Updates patch a long list of security issues
Apple has posted a security update for its Safari browser, which has been released alongside a related security update for Snow Leopard. Safari 5.0.5 brings several critical fixes for its WebKit engine, patching vulnerabilities that were discovered by researchers working with TippingPoint's Zero Day Initiative. The changes are designed to help protect against sites containing malicious code.
The browser works in conjunction with improved SSL certificate verification in Snow Leopard, which is part of the Security Update 2011-002 for the desktop OS. The update helps avoid man-in-the-middle attacks designed to intercept user information, as a number of fraudulent SSL certificates have been blacklisted.
Safari 5.0.5 and Snow Leopard Security Update 2011-002 are now available directly from Apple's support site or via Software Update. [Snow Leopard update download - 4.4MB]