Apple releases iOS 11.3.1 with 3rd party display & bug fixes


Apple has released a new software update for iPhone, iPad, and iPod touch. iOS 11.3.1 is likely a bug fix update to the iOS 11.3 software update released last month.

Apple currently shows the iOS 11.3.1 release on its developer portal with build version 15E302, and the release will likely be released over-the-air shortly for all customers.

With iOS 11.3 released in late March and iOS 11.3.1 out today, Apple is also running a developer and public beta version of iOS 11.4, likely due out in late May or early June, which includes AirPlay 2 and Messages on iCloud.

iOS 11.3.1 includes a fix for display issues experienced on iPhone 8 with third-party repairs and security improvements for all iPhones and iPads.

Here's the security content of iOS 11.3.1:

Crash Reporter

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: An application may be able to gain elevated privileges

Description: A memory corruption issue was addressed with improved error handling.

CVE-2018-4206: Ian Beer of Google Project Zero

LinkPresentation

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing a maliciously crafted text message may lead to UI spoofing

Description: A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation.

CVE-2018-4187: Zhiyang Zeng (@Wester) of Tencent Security Platform Department, Roman Mueller (@faker_)

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved state management.

CVE-2018-4200: Ivan Fratric of Google Project Zero

WebKit

Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2018-4204: Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative, found by OSS-Fuzz

Source: Apple Support
Write a Comment ()