Apple and Mozilla Both issued security fixes for their web browsers ‘Safari’ and ‘Firefox’ respectively this week. According to Advisories posted by Apple and Mozilla, these security holes could have left users open to cross site scripting attacks and malware installation.

Apple for its web browser, Safari, has released fixes for at least four separate flaws. Windows version includes patches for four flaws while the Mac version includes patches for two vulnerabilities. One of these bugs earned USD10,000 at CanSecWest security conference. Mac user may update through built-in update feature while Windows users by using the bundled Apple Software Update application may grab the latest version.

The only fix by Mozilla ‘Firefox’ was issued for stability concerns, the way Firefox handles Javascript garbage collection. Mozilla says this update was issued “primarily to address stability concerns. We have no demonstration that this particular crash is exploitable but are issuing this advisory because some crashes of this type have been shown to be exploitable in the past.”

However Mozilla noted that its Thunderbird email client could be vulnerable if Javascript were to be enable in email that is not a default setting and Mozilla has strongly discouraged enabling Javascript in email.