Volker Roth

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.14.4 Security Update versions prior to 2019-002 for High Sierra and Sierra **Description** An issue existed in the handling of S-MIME certificates, which has been addressed with improved validation. Processing a maliciously crafted mail message may lead to S/MIME signature spoofing. **Recommendations** For macOS versions prior to 10.14.4, update to macOS Mojave 10.14.4 or later. For High Sierra and Sierra, apply Security Update 2019-002 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.14.4 Security Update versions prior to 2019-002 for High Sierra and Sierra **Description** An issue existed in the handling of encrypted Mail, which could allow an attacker in a privileged network position to intercept the contents of S/MIME-encrypted e-mail. This issue was addressed with improved isolation of MIME in Mail. **Recommendations** For macOS versions prior to 10.14.4, update to macOS Mojave 10.14.4 or later. For High Sierra and Sierra, apply Security Update 2019-002 or later.