Apr 18, 2011 04:18 GMT  ·  By

Apple has released Safari 5.0.5 for Windows and Mac in order to address two critical vulnerabilities disclosed during the Pwn2Own competition earlier this year.

Both vulnerabilities are located in the WebKit layout engine and can be exploited over the web in drive-by download attacks.

The first, identified as CVE-2011-1290, was leveraged by security researchers Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann at Pwn2Own to hack into the BlackBerry, whose browser also uses WebKit.

The flaw stems from an error in the handling of nodesets which can result in an integer overflow allowing for arbitrary code execution.

The second vulnerability can also be exploited to execute arbitrary code remotely and was disclosed by a team of researchers from Vupen Security, together with Martin Barbella.

The VUPEN team took home the prize for hacking Safari in five seconds at this year's Pwn2Own contest, exploiting this vulnerability to launch fully-transparent drive-by download attack.

In addition to these patches, Apple also released an update for Mac OS X in order to blacklist the rogue digital certificates issued by Comodo last month.

This move affects Safari, because the most likely attacks using the certificates involved the web and the browser.

On Windows, Safari also relies on the OS to determine which SSL certificates are trustworthy. Microsoft has blacklisted the rogue certs since March 28.

Another recommendation is to enable Online Certificate Status Protocol (OCSP) and Certificate Revocation List (CRL).

These are two mechanisms used by certification authorities (CAs) to revoke certificates so they represent a faster solution than waiting for the OS maker to update the hard coded blacklist.

On the other hand, checking for certificate revocations each time one is encountered in the browser will add to the page loading time.

Users who are willing to sacrifice a bit of speed on SSL-protected pages for enhanced security can enable OCSP and CRL from the Keychain Access > Preferences > Certificates menu. Set both options to Best Attempt and give priority to OCSP.

Safari 5.0.5 for Mac can be downloaded from here.

Safari 5.0.5 for Windows can be downloaded from here.