Apple has released a new version of Safari for Windows that includes a security fix for a high-profile vulnerability previously dismissed by the company. The "carpet bomb" bug was initially thought to be less serious, but it was later discovered that the flaw could be exploited in combination with other problems in Windows and Internet Explorer to run unauthorized software on a victim's PC.

Besides addressing the carpet bomb issue, version 3.1.2 fixes bugs in the way Safari renders JavaScript arrays and handles executable files that are downloaded from trusted sites. It also fixes a less-critical issue in the way Safari renders Bitmap and Gif images, which could enable attackers to snoop at the memory contents of a victim's PC. The Safari update is only for Windows users, and can be downloaded and installed from the company's Downloads site.