Update Details: - Title: About the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan - Releases: macOS High Sierra 10.13.3, macOS Sierra 10.12.6, macOS 10.11.6 - Release Date: January 23, 2018 Audio: - Issue: Processing a malicious audio file may lead to arbitrary code execution. - Fix: Improved input validation. - CVE: CVE-2018-4094 curl (multiple issues listed): - Integer overflow and out-of-bounds read issues. EFI: - Issue: Multiple buffer overflows and privilege escalation vulnerabilities. - CVEs: CVE-2017-5705, CVE-2017-5708 IOHIDFamily: - Impact: Potential arbitrary code execution with kernel privileges. - CVE: CVE-2018-4098 Kernel (various releases noted for specific CVEs): - Issues: Memory corruption, privilege escalation (out-of-bounds reads), etc. - CVEs listed include CVE-2018-4189, CVE-2018-4097, CVE-2018-4093, etc. Sandbox: - Issue: Potential to circumvent sandbox restrictions. - CVE: CVE-2018-4091 WebKit (multiple memory corruption issues listed for different CVEs). Wi-Fi: - Issue: Application may read restricted memory (input sanitization fix). Additional system components like LinkPresentation, QuartzCore, and Remote Management also addressed specific vulnerabilities likely involving memory corruption and arbitrary code execution risks, mitigated by various patches and improvements as detailed.