The bug took advantage of an iOS feature which allowed users to immediately call a phone number by tapping on it. Apple's fix is simple: now, instead of placing a call right away, the phone explicitly prompts the user, requiring a second tap before calling.
The bug was most famously exploited last fall, when a Twitter user posted a tweet reading "I CANT BELIEVE PEOPLE ARE THIS STUPID," with a malicious link which forced iPhones to repeatedly call 911 until the device is turned off. The teen responsible was later arrested and charged with four felony counts of computer tampering. The link in the tweet was reportedly clicked on 117,502 times, and was responsible for 911 centers in at least a dozen US cities being overwhelmed by fake calls.
iOS 10.3 was released on March 27, just short of five months after the tweet went viral. To Apple's credit, the company didn't wait for so long until releasing a fix, but rather previously worked with app developers to fix the flaw. The update to 10.3, however, fixes the problem in all instances, even in apps which haven't yet been patched. The update also added a number of new features, a list of which you can find here.