The Department of Homeland Security's Computer Emergency Readiness Team (CERT) is warning of a recent and serious security flaw in Safari. The specific threat is said to be the browser's handling of window objects, as an object can be deleted while still leaving references behind. If JavaScript tries to use the deleted item, an invalid pointer may become available for an attacker to exploit.
