Apple released several security-related updates through Software Update and Apple’s Support Downloads site.

Security Update 2009-001 addresses a number of vulnerabilities detailed in the update’s support document, notably including the Safari RSS vulnerability disclosed in mid-January.

Multiple input validation issues exist in Safari’s handling of feed: URLs. The issues allow execution of arbitrary JavaScript in the local security zone. This update addresses the issues through improved handling of embedded JavaScript within feed: URLs. Credit to Clint Ruoho of Laconic Security, Billy Rios of Microsoft, and Brian Mastenbrook for reporting these issues.

Source : Apple