macOS High Sierra 10.13.4 Security Update 2018-001 Released

Almost a full month after macOS High Sierra 10.13.4 was made available to the public, Apple has today released a new security update for the software, an update that does not warrant a new point release but nevertheless is an important update for all Mac users to download.

Those with Macs that are eligible for the update can download it directly from the Mac App Store or via the Software Update functionality within the store on all Macs that are running compatible versions of macOS High Sierra.

As for what’s new in this update, here’s an excerpt from Apple’s notes on the said update:

Security Update 2018-001

Released April 24, 2018

Crash Reporter

Available for: macOS High Sierra 10.13.4

Impact: An application may be able to gain elevated privileges

Description: A memory corruption issue was addressed with improved error handling.

CVE-2018-4206: Ian Beer of Google Project Zero

LinkPresentation

Available for: macOS High Sierra 10.13.4

Impact: Processing a maliciously crafted text message may lead to UI spoofing

Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

CVE-2018-4187: Zhiyang Zeng (@Wester) of Tencent Security Platform Department, Roman Mueller (@faker_)

The update, which Apple labels as Security Update 2018-001, is predictably recommended for all Mac users in order to help improve the security of macOS. This update in particular addresses two specific security vulnerabilities relating to Crash Reporter and LinkPresentation, both of which could theoretically be used by those looking to do so for malicious purposes.

A new Safari 11.1 update is also included as part of this new security update, bringing fixes for various WebKit vulnerabilities and is released under Safari version 11.1.

We heartily recommend you download the update sooner rather than later, and if Apple has seen fit to release a security update rather than wait for a normal software update in order to fix the security flaw, then it’s clear Apple would agree.

You may also like to check out:

You can follow us on Twitter, add us to your circle on Google+ or like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple and the Web.