Apple has released MacOS 10.14.3 Supplemental Update for MacOS Mojave, the update fixes the Group FaceTime security flaw that allowed for unauthorized Group FaceTime eavesdropping with the prior 10.14.3 build and is therefore recommended for all MacOS Mojave users to install.

Separately, Apple also released iOS 12.1.4 update to resolve the same Group FaceTime issue for iPhone and iPad users.

How to Update to MacOS 10.14.3 Supplemental Update

Always back up the Mac with Time Machine before installing any system software update. MacOS system software updates are now done through the System Preferences app rather than the App Store:

From the  Apple menu, choose “System Preferences” Select the “Software Update” preference panel Click on “Update Now” when “macOS 10.14.3 Supplemental Update” shows as available to download

The 10.14.3 Supplemental Update is around 1 GB in size and requires a reboot to complete the installation of.

If you had previously disabled FaceTime on the Mac to guard against the security flaw, you’ll need to re-enable FaceTime on the Mac before using Group FaceTime again. This is easily done in the FaceTime app by pulling down the “FaceTime” menu and choosing “Turn FaceTime On”. Likewise iOS users will need to re-enable FaceTime if they turned it off as well.

Mac users can also choose to download the MacOS 10.14.3 Supplemental Update as a package installer from Apple

Using package installers and Combo Updates is fairly simple though generally not necessary for most Mac users.

MacOS 10.14.3 Supplemental Update Release Notes

Release notes accompanying MacOS 10.14.3 Supplemental Update download are as follows:

Updating…

Separately, the security notes for 10.14.3 Supplemental Update:

macOS Mojave 10.14.3 Supplemental Update Released February 7, 2019 FaceTime Available for: macOS Mojave 10.14.3 Impact: The initiator of a Group FaceTime call may be able to cause the recipient to answer Description: A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. CVE-2019-6223: Grant Thompson of Catalina Foothills High School, Daven Morris of Arlington, TX Foundation Available for: macOS Mojave 10.14.3 Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2019-7286: an anonymous researcher, Clement Lecigne of Google Threat Analysis Group, Ian Beer of Google Project Zero, and Samuel Groß of Google Project Zero Live Photos in FaceTime Available for: macOS Mojave 10.14.3 Impact: A thorough security audit of the FaceTime service uncovered an issue with Live Photos Description: The issue was addressed with improved validation on the FaceTime server. CVE-2019-7288: Apple