Apple has released Safari 4.0 for Windows and Mac OS X to address multiple vulnerabilities in CFNetwork, CoreGraphics, ImageIO, International Components for Unicode, libxml, Safari, Safari Windows Installer, and WebKit. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, bypass security restrictions, or conduct cross-site scripting attacks.

US-CERT encourages users and administrators to review Apple article HT3613 and upgrade to Safari 4.0 to help mitigate the risks.

Read more: US-CERT Current Activity