The company released Safari versions 5.0.3 and 4.1.3 for Mac OS X and Windows XP SP2, Vista and Windows 7. The updated versions fix 27 reported vulnerabilities in the Safari Webkit component that made Safari users vulnerable to Web based attacks that could crash the browser or, in a worst case scenario, allow attackers to run their own malicious code on vulnerable systems.
WebKit is used to render Web page content within browsers, including hyperlinking, browser history and so on. The component is native to Safari and is separately managed as an open source project that has been ported to other platforms as well. Vulnerabilities in WebKit have recently snagged other platforms, as well, including Google’s Android Mobile O.S. researcher MJ Keith of Alert Logic published code to exploit a known WebKit vulnerability in Android’s 2.0 and 2.1 operating systems. That hole has been fixed in the latest version of Android, 2.2, but only a minority of Android phones in use have upgraded to the latest version, according to Google data.