It would appear that, regardless of browser choice, there's a plugin to cause problems. Years ago the primary culprits would have been toolbars, but now it's the turn of Oracle's Java and Adobe Flash Player. If you use either, you'll notice frequent updates to protect against vulnerabilities.
Apple's vulnerability handling has been pretty neat, with the company just blocking the problem. The US government even said to just disable Java. Flash Player is next to be sorted out, with the February 28 update blocking older versions of Adobe's program from working in Safari.
Apple is making this work through OS X's inbuilt Xprotect malware scanner; maybe not an orthodox method, but it's getting results for the company, driving down consumer problems simultaneously. Not everyone knows about Xprotect, and information about it is thin on the ground, but it certainly seems to be flagging outdated software effectively.
As is always the case online, there's some ill feeling about Apple's handling. According to some, they're just playing at being Orwell's Big Brother, limiting access and choice. Whether you're in agreement or not, the update should hopefully safeguard users.