AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.
Apple has released updates for the iPhone, iPad, and the Mac, with iOS 11.3.1 fixing a third-party display issue among other changes, while Security Update 2018-001 for macOS High Sierra 10.13.4 plugs a hole that could allow an app to take over a Mac's desktop.
The iOS 11.3.1 update is a minor change to the mobile operating system, fixing a number of small issues. The main change of the update is it addresses a reported problem where some iPhone 8 devices become unresponsive to touch-based inputs, with the primary group affected being handsets that underwent servicing with third-party replacement displays.
The touch functionality issue started after the release of iOS 11.3, with the update reportedly causing thousands of iPhone 8 devices with aftermarket screens to stop working properly.
Apple issues a warning in the release notes to users against using unauthorized third-party repair shops, advising:
Note: Non-genuine replacement displays may have compromised visual quality and may fail to work correctly. Apple-certified screen repairs are performed by trusted experts who use genuine Apple parts. See support.apple.com for more information.
The update, weighing in at 49.5 megabytes, can be downloaded from the Settings app under General, then Software Update.
Security Update 2018-001, released on Tuesday, fixes two vulnerabilities in macOS High Sierra 10.13.4.
The first, under Crash Reporter, addresses a memory corruption issue by improving error handling. Reported by Ian Beer of Google Project Zero, the vulnerability allowed an application to "gain elevated privileges," which if exploited could allow an attacker complete control of a Mac desktop if left unpatched.
The other issue, credited to Zhiyang Zeng of Tencent Security and Roman Mueller, involves the use of a "maliciously crafted text message" that could be used to spoof the user interface. The issue existed in how LinkPresentation handled URLs, and has been fixed with improved input validation.