Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Apple Pulls iOS 16.5.1 and macOS 13.4.1 Rapid Security Response Updates Due to Safari Bug

  • Like
  • Haha
Reactions: gusmula, Pinkyyy 💜🍎 and DailySlow
poseidondev said:
Nonsense, it didn’t break “compatibility”. The websites would work fine, if it weren’t for them failing to properly parse the user agent and them hard blocking the browser if they don’t recognize the user agent, which they have no business doing to begin with.
Click to expand...

And yet, the other browsers work fine. And yet it was so bad that Apple pulled the update altogether. :rolleyes:

poseidondev said:
At best they should suggest that they suspect your browser won’t work but allow you to try, not actively sabotage it based on lazily implemented conditional.
Click to expand...


I'm not saying that third party sites and services couldn't stand to improve their implementation of web standards. That and Apple pushing out an update they clearly shouldn't have are not mutually exclusive conditions.

poseidondev said:
I take it you’re the CTO at one of the MANGA companies with your level of foresight?
Click to expand...

No. I just happen to smell nonsense Apple apologism miles away. If it's bad enough that Apple had to pull it, then clearly they didn't do enough testing. If they did enough testing, then they'd know that there were conditions in place that would result in them having to pull the update. It's really that simple.

poseidondev said:
Because I can guarantee you that no engineer will ever think to check if websites stop working on the basis of a version bump in a user agent of all things.

This is the equivalent of a merchant refusing you to let you use Apple Pay because they don’t recognize the new model of iPhone you’re trying to pay with.
Click to expand...

I'll grant that RSRs are new and that they've largely been a bit of a mixed bag. This one obviously needed more time in the oven, otherwise it wouldn't have been pulled. I'll also grant that the first "R" in RSR would imply that this needed to be deployed post-haste. Though, again, as history clearly shows, they didn't do enough testing.


SoYoung said:
For those saying the devs at Apple are idiots you clearly not used Windows 10 for a while.
Click to expand...

I use Windows 10 alongside macOS CONSTANTLY. The devs at Apple aren't idiots. But whatever change management/control processes they have are definitely needing serious overhaul. And no, with the exception of them pushing Bing and Edge in places I'd rather them not to, my experience with Windows 10 has been flawlessly stable pretty much the entire time I've used it. Windows 11 as well.

Compare that to the annual game of "what did they break this time?" game that I have to play with macOS, and it'd pretty smooth sailing.

SoYoung said:
I have tons of little irritating issue here and there for absolutely no reasons. On another hand, macOS is running almost flawlessly for years without any/or very little issues over the years.
Click to expand...

That's heavily debatable. I have never had to completely wipe my machine from having done a clean OS install to then revert from a full system backup on any Windows 10 machines. I have had to do this on at least three different occasions on my Macs since Windows 10 debuted. Either you are not a heavy macOS user, your Windows machines were purchased at Best Buy or Costco for under $500 a pop (and are therefore the kind of crap one ought to avoid as a PC purchaser), or both.

SoYoung said:
Stop crying because a rapid security update have a problem that can easily be fixed by changing the user agent or just using another browser on macOS for now or just uninstall the update that will take you a big 2 minutes to do.
Click to expand...

Yet this is exactly the same behavior that anyone on this site cries foul on Windows for. So, it's okay to do it when it's Windows, but not because it's macOS? I know this is MacRumors.com here, but that's the kind of reality distortion that I can't take seriously.

SoYoung said:
Same for users saying Android is better now, they clearly forget apps on Google play store containing malware elements. Android is known for not being as good in security so the complaints are a total non sense there.
Click to expand...

This is written like someone who hasn't actually touched an Android phone in years and has only read about the "horrors of Android" from obviously biased articles. I've used Android for years. Have yet to encounter malware. It's not hard to download the correct apps from Google Play.


SoYoung said:
I'm not saying Apple is perfect, but there's definitively some situations were complaints are totally absurd, and this one is one of them.
Click to expand...
What's absurd is comments on the article of an update Apple had to pull that place the blame of Apple having to pull the update on anything or anyone other than Apple. Companies don't just pull issued security updates and patches because third parties aren't ready for it yet. That's not how a company that understands security updates operates.
 
  • Like
  • Love
  • Haha
Reactions: freedomlinux, gusmula, Pinkyyy 💜🍎 and 3 others
This whole fiasco could have been averted if they released this rsr to developers only first as a beta rsr. Over the years they have been accustomed to a rough ride with betas, even ones that go awry. Most people who use apple devices have nowhere near as much expertise or experience with buggy betas.

Although people on this site are more attuned to what is going on, I suspect there are many others wondering what the heck happened to facebook and zoom etc. and have no idea.

The first few rsr's were actually beta rsr's. That doesn't seem to be a thing anymore.

It's a good lesson for apple to see the need to make beta rsr's again.
 
Last edited:
  • Like
Reactions: Pinkyyy 💜🍎 and amartinez1660
Yebubbleman said:
And yet, the other browsers work fine. And yet it was so bad that Apple pulled the update altogether. :rolleyes:




I'm not saying that third party sites and services couldn't stand to improve their implementation of web standards. That and Apple pushing out an update they clearly shouldn't have are not mutually exclusive conditions.



No. I just happen to smell nonsense Apple apologism miles away. If it's bad enough that Apple had to pull it, then clearly they didn't do enough testing. If they did enough testing, then they'd know that there were conditions in place that would result in them having to pull the update. It's really that simple.



I'll grant that RSRs are new and that they've largely been a bit of a mixed bag. This one obviously needed more time in the oven, otherwise it wouldn't have been pulled. I'll also grant that the first "R" in RSR would imply that this needed to be deployed post-haste. Though, again, as history clearly shows, they didn't do enough testing.




I use Windows 10 alongside macOS CONSTANTLY. The devs at Apple aren't idiots. But whatever change management/control processes they have are definitely needing serious overhaul. And no, with the exception of them pushing Bing and Edge in places I'd rather them not to, my experience with Windows 10 has been flawlessly stable pretty much the entire time I've used it. Windows 11 as well.

Compare that to the annual game of "what did they break this time?" game that I have to play with macOS, and it'd pretty smooth sailing.



That's heavily debatable. I have never had to completely wipe my machine from having done a clean OS install to then revert from a full system backup on any Windows 10 machines. I have had to do this on at least three different occasions on my Macs since Windows 10 debuted. Either you are not a heavy macOS user, your Windows machines were purchased at Best Buy or Costco for under $500 a pop (and are therefore the kind of crap one ought to avoid as a PC purchaser), or both.



Yet this is exactly the same behavior that anyone on this site cries foul on Windows for. So, it's okay to do it when it's Windows, but not because it's macOS? I know this is MacRumors.com here, but that's the kind of reality distortion that I can't take seriously.



This is written like someone who hasn't actually touched an Android phone in years and has only read about the "horrors of Android" from obviously biased articles. I've used Android for years. Have yet to encounter malware. It's not hard to download the correct apps from Google Play.



What's absurd is comments on the article of an update Apple had to pull that place the blame of Apple having to pull the update on anything or anyone other than Apple. Companies don't just pull issued security updates and patches because third parties aren't ready for it yet. That's not how a company that understands security updates operates.
Click to expand...

In respect, your comment is also biased. You pretend having tons of problems with macOS over the years, it's possible, but you're truly an exception. Everyone I know have little issues with macOS. And then, you pretend I have cheap PCs just because I have Windows problems...so you also completely ignoring that Windows 10 can have issues as well. I just compared my own experience between the two OS. I use macOS all the time and I honestly not having very big issues for years. On another side, I only use Windows for gaming, so it's pretty much a clean install with nothing else except legit games and I have some problems on the OS. I didn't say Windows is bad, I'm just saying every companies can have some issues, and the security update that Apple provide here isn't a big deal. Its just a little issue that can easily be avoided until a second fix is coming, but some users talks about this like the issue is completely break their computer when the real problem isn't just an "apple" one. Every website I visited works fine, except meta ones...and again, even in the past, FB never really allowed changing user agent on Safari so FB have also a blame here.

And yes, Android is objectively not as secure as iOS. They never pull rapid security updates, major Android versions takes age to release on non-google phones, most users aren't at the latest Android version, many companies will not support their phones as long as Apple and its a fact Google play don't have the same quality controls over the apps released there compared to the App Store.
 
  • Like
Reactions: Pinkyyy 💜🍎 and decafjava
SoYoung said:
You pretend having tons of problems with macOS over the years, it's possible, but you're truly an exception.
Click to expand...

I'm not, but okay. If I had a dime for every "Ventura ate my homework" type thread I've read on here, I wouldn't need a job. Same goes for Monterey. Same went for Catalina, High Sierra, and so forth. You are free to pretend that Apple doesn't have actual quality control problems with their OSes, but that doesn't mean that they don't in actuality.

SoYoung said:
Everyone I know have little issues with macOS.
Click to expand...

Yes. Little issues that wouldn't have been there had the OS releases had longer in the oven. Little issues that would've gotten a team fired under Steve Jobs.

SoYoung said:
And then, you pretend I have cheap PCs just because I have Windows problems
Click to expand...

No. That's just an extremely common culprit to general anti-Windows sentiments from Mac users that have horror stories.

SoYoung said:
...so you also completely ignoring that Windows 10 can have issues as well.
Click to expand...

Windows 10 can have issues if the person setting it up doesn't know what they're doing and installs a bunch of unnecessary crap. Know what you're doing and doing so on decent hardware will seldom yield anything that isn't Snow Leopard degrees of stability.

SoYoung said:
I just compared my own experience between the two OS. I use macOS all the time and I honestly not having very big issues for years.
Click to expand...

Good for YOU.

SoYoung said:
On another side, I only use Windows for gaming, so it's pretty much a clean install with nothing else except legit games and I have some problems on the OS.
Click to expand...

You say this as though "legit games" don't install their own slew of support software that could have issues. Blame that on Windows all you want. Incidentally, I also have PCs wherein all I have installed is "legit games" and I have no issues. Perhaps you are holding it wrong.

SoYoung said:
I didn't say Windows is bad, I'm just saying every companies can have some issues, and the security update that Apple provide here isn't a big deal.
Click to expand...

It's not "a big deal". But it is representative of the quality control problems that people on here are quick to blame Microsoft for with Windows and Google for with Android. So, either it's not a big deal when anyone does it, or it's a big deal when everyone does it. But it not being that big of a deal when Apple does it but it being a big deal when Microsoft does it is absurd. Incidentally, I follow news on Microsoft updates (as part of that whole IT thing I do with my professional life) and I haven't read of Microsoft having to wholesale pull an update in many years. Apple doesn't do it all that often on public-facing updates. ANYONE doing it means that there's a lack of sufficient quality control. Period.

SoYoung said:
Its just a little issue that can easily be avoided until a second fix is coming, but some users talks about this like the issue is completely break their computer when the real problem isn't just an "apple" one. Every website I visited works fine, except meta ones...and again, even in the past, FB never really allowed changing user agent on Safari so FB have also a blame here.

And yes, Android is objectively not as secure as iOS. They never pull rapid security updates, major Android versions takes age to release on non-google phones, most users aren't at the latest Android version, many companies will not support their phones as long as Apple and its a fact Google play don't have the same quality controls over the apps released there compared to the App Store.
Click to expand...
 
  • Love
Reactions: Pinkyyy 💜🍎
BTW I was a lifetime Windows user until 2015 when I switched to macOS for accessibility reasons at that time so if someone have nothing against Windows, its me.
 
  • Like
Reactions: Pinkyyy 💜🍎
Yebubbleman said:
If I had a dime for every "Ventura ate my homework" type thread I've read on here, I wouldn't need a job.
Click to expand...
This website has a lot of BS "Apple is doomed" or related threads that make it to the front page. I'm sure some people may be having these problems, but it's hardly a scientific survey. The same exists for all operating systems. I haven't had a situation where I needed to reinstall the whole OS in decades on either of Linux variants, Windows or macOS.

Anyway, this security update certainly need more time in the oven. They apparently didn't consider it important enough to push it to users, it just showed up when looking for updates. For this reason, I doubt a lot of people who aren't reading Apple websites were affected.
 
  • Like
Reactions: Pinkyyy 💜🍎, b17777, arkitect and 1 other person
MacRumors said:


Apple earlier today released new Rapid Security Response updates for iOS 16.5.1, iPadOS 16.5.1, and macOS Ventura 13.4.1 users, but Apple has pulled the software, likely due to an issue that caused certain websites not to work after the RSRs were installed.

Rapid-Security-Response-Feature-1.1.jpg

According to reports on the MacRumors forums, Facebook, Instagram, WhatsApp, Zoom, and other websites started giving a warning about not being supported on the Safari browser following the Rapid Security Response updates.

The iOS 16.5.1, iPadOS 16.5.1, and macOS Ventura 13.4.1 Rapid Security Response updates fixed a WebKit vulnerability that Apple says may have been actively exploited. Unfortunately, it appears that the updates changed the Safari user agent to include an (a), leading some websites to break.

Apple will likely re-release the RSRs when the issue has been addressed.


Those who have already installed the update can downgrade on iOS by going to Settings > General > About and tapping on iOS Version. From there tap on Remove Security Update. On the Mac, updates can be removed by following our how to.

Article Link: Apple Pulls iOS 16.5.1 and macOS 13.4.1 Rapid Security Response Updates Due to Safari Bug
Click to expand...
Jeezus Effing Keeryste! So good is bad and bad is good in this Apple maze? What have we installed (AKA RSR), applied, then removed? Sounds like a perfect APT scenario with the perfect (that's if someone has decoded and reverse engineered the RSR) road map to the vulnerability the RSR was supposed to patch - and then unpatched. Thes is a major CF**K. Worthy of MS.
 
Smartuser said:
This website has a lot of BS "Apple is doomed" or related threads that make it to the front page. I'm sure some people may be having these problems, but it's hardly a scientific survey.
Click to expand...

None of it is scientific. All of it is empirical.

Smartuser said:
The same exists for all operating systems. I haven't had a situation where I needed to reinstall the whole OS in decades on either of Linux variants, Windows or macOS.
Click to expand...

I've had to reinstall the whole OS with macOS plenty of times; though none quite as horrible as with macOS High Sierra in those early days. Man...what a cluster*ck. I've certainly reinstalled all three on the grounds that I had done enough to muck with the OS's environment that I wanted to start over, but that's not the fault of any OS, platform or vendor and entirely on me.

Smartuser said:
Anyway, this security update certainly need more time in the oven. They apparently didn't consider it important enough to push it to users, it just showed up when looking for updates. For this reason, I doubt a lot of people who aren't reading Apple websites were affected.
Click to expand...
I completely agree with this.
 
  • Like
Reactions: Pinkyyy 💜🍎
Yebubbleman said:
None of it is scientific. All of it is empirical.
Click to expand...
Those terms are generally both used to mean "based on observations from controlled experiments and applied statistics" and not "based on what a self-selected group of people post on a website and get the most engagement out of".

"Empirical research" does not mean to collect and select anecdotes with the goal of confirming someone's bias.
Yebubbleman said:
I've had to reinstall the whole OS with macOS plenty of times; though none quite as horrible as with macOS High Sierra in those early days. Man...what a cluster*ck. I've certainly reinstalled all three on the grounds that I had done enough to muck with the OS's environment that I wanted to start over, but that's not the fault of any OS, platform or vendor and entirely on me.
Click to expand...
Right. I've had to reinstall sometimes because of hardware being exchanged through AppleCare. Generally worked fantastically well and I had my Mac back, even though it was new hardware.
 
  • Like
Reactions: Pinkyyy 💜🍎
Smartuser said:
Anyway, this security update certainly need more time in the oven. They apparently didn't consider it important enough to push it to users, it just showed up when looking for updates. For this reason, I doubt a lot of people who aren't reading Apple websites were affected.
Click to expand...

The profile of an average home Mac user are probably like my retired parents. They are Boomers, close to Donald Trump's age. They have Macs because it's the most intuitive PCs to figure out. They won't have inclination to read Apple geekery websites like we do. And you are right, they nornally don't check the System Settings for things like RSR updates. That's my responsibility, I regularly check that their computers and iPhones are fairly up to date.

At the opposite end.... are the MacRumors geeks, who are the very first to install these Updates the hour they are released. And oftentimes, many here are also the first to dive into betas, to be the willing guinea pigs for everyone else.
 
Apple fell short. This should have been rough tested in like the major popular apps for like an hour, at least, before shoveling out the door for delivery. Yes, it may be on (the hated and despised by many here) Meta and some on Zoom - but I, and the small circle of acquaintances who I had urged to install this, really don't want to pivot to total lab rat roles. We need detailed transparency - in a post here hopefully - on WTF happened. Seriously. If, just if, this or some other RSR had clapped an MFI health device resulting in loss or injury, it would be more than a "black eye" for Apple.
 
  • Haha
  • Like
Reactions: Pinkyyy 💜🍎, MuppetGate, BugeyeSTI and 1 other person
Smartuser said:
Those terms are generally both used to mean "based on observations from controlled experiments and applied statistics" and not "based on what a self-selected group of people post on a website and get the most engagement out of".
Click to expand...

Empirical research is research based on experience. In my experience, I've encountered enough people kvetching and moaning about things that broke in ::insert name of annual macOS release here::. Those people are not exclusively on this site, however each additional person that claims a similar experience is another person I'm encountering with a similar experience.

The fact that it correlates to people posting on this website is coincidental.

Smartuser said:
"Empirical research" does not mean to collect and select anecdotes with the goal of confirming someone's bias.
Click to expand...

You are correct. However, that doesn't preclude the fact that what I'm experiencing IS people with experiences similar to my bias. You could almost say that they inform the bias itself. :p

Smartuser said:
Right. I've had to reinstall sometimes because of hardware being exchanged through AppleCare. Generally worked fantastically well and I had my Mac back, even though it was new hardware.
Click to expand...
You know what works better than having your Mac replaced through AppleCare? Not having to have your Mac be replaced through AppleCare.
 
  • Like
Reactions: Pinkyyy 💜🍎
Yebubbleman said:
Empirical research is research based on experience. In my experience, I've encountered enough people kvetching and moaning about things that broke in ::insert name of annual macOS release here::. Those people are not exclusively on this site, however each additional person that claims a similar experience is another person I'm encountering with a similar experience.

The fact that it correlates to people posting on this website is coincidental.
Click to expand...
I won't pursue this any further, no point. Empirical research doesn't mean generalizing one's own observations or the ones one reads about.
Yebubbleman said:
You know what works better than having your Mac replaced through AppleCare? Not having to have your Mac be replaced through AppleCare.
Click to expand...
Great zinger. Everything can and does break, and I'd rather be covered than not.

Carry on with your crusade, but please leave me out.
 
  • Like
Reactions: tomnavratil
This is EXACTLY why I reacted to the point I upgraded my avatar image to about automatically installing a home cooked RAR. There is so much unclear about this mess and I want to read about it here, among other sources. It's a serious thing when you just instantly install something directly into OS Code/Kernel then pull it. What did it potentially actually leave behind? I would NEVER just download and install something such as this unless it was from Apple. Maybe I am moderately naive but my trust [in Apple] is in turmoil.
 
Last edited:
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back