After a being publicly dressed down for security flaws, Apple has released an update to its Safari 3 browser for OS X and Windows which patches three serious security flaws.

[The Safari 3.0.1 update][1], which was released last week, fixes three flaws in the Windows version of the browser including the very serious bug [we mentioned][2] when the initial version was released.

Although the first beta of Safari for Windows probably could have used some extra testing, at least Apple was able to turn around an update rather quickly. Thor Larholm, who discovered one of the more serious bugs that the update fixes, says that the quick turnaround time is a positive sign for Apple's beleaguered entry into the Windows browser market. 

"I want to congratulate Apple for fixing a serious security vulnerability in such a short time frame," Larholm [writes on his blog][3], "their usual response time can be counted in weeks to months."

Still there are other known flaws which have yet to be patched and LArholm suspects that a variation on his initial attack may still be possible. "Quotes and whitespace are now filtered on any requests to external URL protocol handler applications," he notes, "but other characters are still being passed without filtering so I expect to find some variations pretty soon."


[1]: http://www.apple.com/safari/download/ "Download Safari 3"
[2]: http://blog.wired.com/monkeybites/2007/06/safari_for_wind.html "Safari For Windows: Six Security Exploits In One Afternoon"
[3]: http://larholm.com/2007/06/14/safari-301-released/ "Safari 3.01 released"