Apple on Tuesday released security updates for the Safari browser and its MacOS and iOS operating systems, fixing a total of four vulnerabilities.
Two of the bugs, CVE-2018-4200 and CVE-2018-4204, were found in the WebKit web browser engine used by Safari and iOS,and were described as memory corruption issues that attackers can exploit with maliciously crafted web content to execute arbitrary code.
The first of these flaws was discovered by Ivan Fratric of Google Project Zero, and ultimately repaired with improved state management. The second, found using Google’s OSS-Fuzz capabilities, was reported by Richard Zhu (aka “fluorescence”) in conjunction with Trend Micro’s Zero Day Initiative, and was repaired with improved memory handling.
The above flaws are fixed in Safari 11.1 for OS X El Capitan 10.11.6, macOS Sierra 10.12.6, and macOS High Sierra 10.13.4, and in iOS version 11.3.1 for iPhone 5s and later, iPad Air and later, and the iPod touch 6th generation.
The remaining two bugs, were found in the CrashReporter and LinkPresentation features of both macOS and iOS. Apple users are protected from these flaws upon downloading macOS High Sierra 10.13.4, or iOS version 11.3.1 for iPhone 5s and later, iPad Air and later, and the iPod touch 6th generation.
Discovered by Ian Beer of Google Project Zero, the CrashReporter bug is a memory corruption issue that can allow applications to gain elevated privileges. Apple addressed the problem, designated CVE-2018-4206, via improved error handling.
The fourth and final bug, CVE-2018-4187, is a vulnerability involving the handling of URLs that could result in user interface spoofing. Reported by Tencent researcher Zhiyang Zeng (aka @Wester), as well as Roman Mueller (aka @faker_), the issue was resolved with with improved input validation.