A vulnerability affecting Apple Safari has just been discovered.

By tricking the user into opening a malicious web page, an attacker may be able to execute arbitrary code. Exploit code for this vulnerability is publicly available.

The only fix available as of now, until Apple offers a patch, is to disable Javascript under 'Preferences', 'Security'

The other option is to use Firefox 3.6 with the NoScript add-on, or Google Chrome. It is likely that Google Chrome is not affected by this vulnerability.