Software is fully updated. This is just another Java script phishing expedition that takes advantage of normal programing available to every programer. It's the ethics of the developer that prevents it from being used wrongly. . . and the webmaster from allowing this on his/her/its website, or Google or other ad provider from allowing this crap on their ad rotation.
You could also go to Safari settings and turn off JavaScript. That might help. Also make sure that block popups is turned on. I usually block 3rd party cookies too.