On top of releasing iOS 11.3.1 this morning, Apple has also pushed out a security update for macOS High Sierra 10.13.4 (2018-001), which “is recommended for all users and improves the security of macOS”.
Below are the security fixes as noted in Apple’s documentation on the update, which note it fixes a bug where an app could “gain elevated privileges” and also a bug related to UI spoofing from a “maliciously crafted text message”:
Crash Reporter
Available for: macOS High Sierra 10.13.4
Impact: An application may be able to gain elevated privileges
Description: A memory corruption issue was addressed with improved error handling.
CVE-2018-4206: Ian Beer of Google Project Zero
LinkPresentation
Available for: macOS High Sierra 10.13.4
Impact: Processing a maliciously crafted text message may lead to UI spoofing
Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.
CVE-2018-4187: Zhiyang Zeng (@Wester) of Tencent Security Platform Department, Roman Mueller (@faker_)
You can download this latest security update by going to the Mac App Store and clicking on the Updates tab.
Want to see more of our stories on Google?
P.S. Want to keep this site truly independent? Support us by buying us a beer, treating us to a coffee, or shopping through Amazon here. Links in this post are affiliate links, so we earn a tiny commission at no charge to you. Thanks for supporting independent Canadian media!
1GB update? Yikes. What could Apple be packing into something with that size?