News

Apple Releases 2018-001 Security Update For macOS High Sierra 10.13.4

Just about a month after the public release of macOS High Sierra 10.13.4, Apple has come up with a security update to the platform. Though it doesn’t qualify as a new release, but still is a really important update for the Mac users who can download it now.

Anyone with a compatible Mac can download the update directly through Mac App Store or using Software Update function available in the store for Macs running compatible software versions of the macOS High Sierra.

Wondering what this new update is all about? Here we have an excerpt from the notes released by Apple for this update:

  • Security Update 2018-001
  • Released on 24th April, 2018

Crash Reporter

  • Available on: macOS High Sierra 10.13.4
  • CVE-2018-4206: Ian Beer from Google Project Zero
  • Impact: Applications might get more privileges
  • Description: An issue with memory corruption was addressed through better error handling

Link Presentation

  • Available on: macOS High Sierra 10.13.4
  • CVE-2018-4187: Zhiyang Zeng (@Wester) of Tencent Security Platform Department, Roman Mueller (@faker_)
  • Impact: Processing maliciously created text messages might result in UI spoofing
  • Description: There was a spoofing problem in handling URLs. The update addresses the issue and improves input validation

The update is labeled by Apple as its 2018-001 Security Update and it’s probably recommended for all the Mac users so that they can be able to enjoy improved macOS security. Particularly, the update addresses a couple of security vulnerabilities related to Link Presentation and Crash Reporter and, theoretically, they both can be exploited by anyone interested in malicious activities.

The latest security update also includes Safari 11.1 update as well and fixes different WebKit vulnerabilities. It’s released under Safari 11.1 version.

It’s heartily recommended that you should download this update very soon. And, as Apple itself has released an update instead of waiting for the regular software update for fixing the security issue then it means there’s something serious that it has fixed. So, just go ahead and download the update.

Check Other Topics:

 

Related Articles

Back to top button
Close