There's more…

The approve method in ERC20 is susceptible to the Transaction Ordering Dependence (TOD) attack. A malicious spender can wait for the approver to change the allowance from x to y and then submit a transaction to spend x tokens. If the spender's transaction is executed before the approver's transaction, the spender successfully transfers x tokens and then gains the ability to transfer another y tokens.

One possible solution is to first reduce the spender's allowance to 0 and set the desired value afterwards. Recent standards also include increase and decrease approval methods to change the approval limit safely. These functions avoid the need to call the approve function twice and to wait for the first transaction to be confirmed before setting the new allowance.

The increaseApproval method increases the number of tokens allocated to a spender:

/**
 * @dev Increase the amount of tokens allowed.
 * @param _spender Address which will spend the funds.
 * @param _addedValue Amount of tokens to increase.
 */
function increaseApproval(address _spender, uint _addedValue) public returns (bool) {
    allowed[msg.sender][_spender] =
        (allowed[msg.sender][_spender].add(_addedValue));
    emit Approval(msg.sender, _spender, allowed[msg.sender][_spender]);
    return true;
}

The decreaseApproval method works in the same way to reduce the number of tokens allocated to a spender:

/**
 * @dev Decrease the amount of tokens allowed.
 * @param _spender Address which will spend the funds.
 * @param _subtractedValue Amount of tokens to decrease.
 */
function decreaseApproval(address _spender, uint _subtractedValue)
    public returns (bool) {
    uint oldValue = allowed[msg.sender][_spender];

    if (_subtractedValue > oldValue) {
        allowed[msg.sender][_spender] = 0;
    } else {
        allowed[msg.sender][_spender] = oldValue.sub(_subtractedValue);
    }

    emit Approval(msg.sender, _spender, allowed[msg.sender][_spender]);
    return true;
}
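To see why the relative methods matter, the following added example (not code from the book) models the allowance logic in Python and replays both transaction orderings for an allowance change from x = 100 to y = 40. The Token class, spender_total and CASES are hypothetical names, and a returned False stands in for a reverted transaction.

```python
# Added illustration: in-memory model of ERC20 allowances (names are hypothetical).
class Token:
    def __init__(self, owner_balance):
        self.balances = {"owner": owner_balance, "spender": 0}
        self.allowance = 0  # what "owner" lets "spender" pull

    def approve(self, value):                 # overwrites, like ERC20 approve
        self.allowance = value

    def increase_approval(self, added):       # relative change
        self.allowance += added

    def decrease_approval(self, subtracted):  # relative change, clamped at 0
        self.allowance = max(0, self.allowance - subtracted)

    def transfer_from(self, value):
        # Returning False models a revert: state is left untouched.
        if value > self.allowance or value > self.balances["owner"]:
            return False
        self.allowance -= value
        self.balances["owner"] -= value
        self.balances["spender"] += value
        return True


def spender_total(change, spender_first, old=100):
    """Tokens the spender ends up with when the owner's allowance change
    and the spender's transferFrom(old) are mined in the given order."""
    t = Token(owner_balance=1000)
    t.approve(old)
    txs = [lambda: t.transfer_from(old), lambda: change(t)]
    if not spender_first:
        txs.reverse()
    for tx in txs:
        tx()
    t.transfer_from(t.allowance)  # spender then uses whatever allowance remains
    return t.balances["spender"]


# Constructed scenario: owner wants to lower the allowance from 100 to 40.
CASES = {
    "approve(40)": lambda t: t.approve(40),
    "decreaseApproval(60)": lambda t: t.decrease_approval(60),
}

if __name__ == "__main__":
    for name, change in CASES.items():
        for first in (False, True):
            order = "spender first" if first else "owner first"
            print(name, order, spender_total(change, first))
```

With approve, the unfavourable ordering lets the spender move x + y tokens; with decreaseApproval the total never exceeds the old allowance x, because the change is applied to whatever allowance is left at execution time.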