Apple on Tuesday released a new security update for macOS High Sierra 10.13.4. The update addresses two security vulnerabilities discovered following the release of macOS High Sierra 10.13.
The security update is available for free download and installation to compatible Macs already running macOS High Sierra. Visit the Mac App Store and click the “Update” tab to download and install the security update.
Security Update 2018-001
Released April 24, 2018
Crash Reporter
Available for: macOS High Sierra 10.13.4
Impact: An application may be able to gain elevated privileges
Description: A memory corruption issue was addressed with improved error handling.
CVE-2018-4206: Ian Beer of Google Project Zero
LinkPresentation
Available for: macOS High Sierra 10.13.4
Impact: Processing a maliciously crafted text message may lead to UI spoofing
Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.
CVE-2018-4187: Zhiyang Zeng (@Wester) of Tencent Security Platform Department, Roman Mueller (@faker_)
For more information about the security update, read the accompanying support document.