====================================================================


                             CERT-Renater

                 Note d'Information No. 2018/VULN169
_____________________________________________________________________

DATE                : 25/04/2018

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): macOS versions prior to 10.13.4.

=====================================================================
https://lists.apple.com/archives/security-announce/2018/Apr/msg00001.html
_____________________________________________________________________

APPLE-SA-2018-04-24-2 Security Update 2018-001

Security Update 2018-001 is now available and addresses the
following:

Crash Reporter
Available for: macOS High Sierra 10.13.4
Impact: An application may be able to gain elevated privileges
Description: A memory corruption issue was addressed with improved
error handling.
CVE-2018-4206: Ian Beer of Google Project Zero

LinkPresentation
Available for: macOS High Sierra 10.13.4
Impact: Processing a maliciously crafted text message may lead to UI
spoofing
Description: A spoofing issue existed in the handling of URLs. This
issue was addressed with improved input validation.
CVE-2018-4187: Zhiyang Zeng (@Wester) of Tencent Security
Platform Department, Roman Mueller (@faker_)

Installation note:

Security Update 2018-001 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/


==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================