How exactly ? Seems to be working perfectly fine for me.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Releases Revised iOS and macOS Security Updates to Fix Actively Exploited Vulnerability and Safari Bug
- Thread starter MacRumors
- Start date
- Sort by reaction score
I've got Automatic Updates for Security Updates set = Yes
This is a Security Update = Yes
Did it automatically do the update = Not that I can see and if it did it managed without a reboot.
In fact I wasn't even told there was a patch to fix until I went into System Settings
This is a Security Update = Yes
Did it automatically do the update = Not that I can see and if it did it managed without a reboot.
In fact I wasn't even told there was a patch to fix until I went into System Settings
"a" update broke something and "c" update didn't fix the said problem for a group of users. it seems that there are no reported issues if you:
- Went straight for "c"
- installed the second version of "a" — it seems like there were two version of "a" (though not indicated by the version ID)
- Went straight for "c"
- installed the second version of "a" — it seems like there were two version of "a" (though not indicated by the version ID)
Okay. I'm going to give it until tomorrow morning. There should be some articles out by then on how people are doing with it.
RSRs ≠ Security Update
Security Updates are for MRT and XProtect and get silently installed in the background.
RSRs are mini software updates and installed via the standard Software Update mechanisms.
Noooo, bring 'a' back? Breaking Facebook and Instagram is a bonus/feature, not a bug. Do Twitter and Tik Tok next.
Apparently, you have never been into or have any semblance of security: Internet, or otherwise. For if you had, and had looked at the KB for this, you'll have easily seen the problem:
About the security content of Rapid Security Responses for iOS 16.5.1 and iPadOS 16.5.1 - Apple Support
This document describes the content of Rapid Security Responses.
There is an active exploit out for already, but don't blame "fear mongering" on lack of ignorance because the research into what was announced wasn't done; nor blame anyone for if one gets compromised because of it.
It's hard to believe your stance of "fear mongering" when both MITRE, NIST, and NHS ave also reported this.
Apple Addresses Critical Zero-Day Exploit (CVE-2023-37450) with Rapid Security Response Updates - SOCRadar® Cyber Intelligence Inc.
Apple has released Rapid Security Response (RSR) updates to tackle a zero-day vulnerability that has been actively exploited. This vulnerability affects
socradar.io
Apple Releases Rapid Security Responses for Actively Exploited Vulnerability CVE-2023-37450 - NHS England Digital
The exploited zero-day vulnerability in Safari, iOS, iPadOS, and macOS Ventura could lead to arbitrary code execution
Your stance is completely in the wrong here.
BL.
Maybe I should have made the sarcasm more obvious
1. There is an update that addresses a threat to security that is so urgent that it needs an immediate patch bypassing the normal point release mechanism
2. There is a mechanism for automatically applying security updates controlled by system preferences
Apple can't join the dots so despite the user (me) saying they want them applied asap without intervention this urgent patch doesn't get applied unless the user (me) notices.
Doesn't seem that clever to me.
BL, there is no point arguing with people like Aston441. These are the same sort of people who say "We don't need Covid vaccines, I never ended up getting Covid!" whilst having benefited from being vaccinated. As Forrest said, stupid is as stupid does.Apparently, you have never been into or have any semblance of security: Internet, or otherwise. For if you had, and had looked at the KB for this, you'll have easily seen the problem:
About the security content of Rapid Security Responses for iOS 16.5.1 and iPadOS 16.5.1 - Apple Support
This document describes the content of Rapid Security Responses.support.apple.com
There is an active exploit out for already, but don't blame "fear mongering" on lack of ignorance because the research into what was announced wasn't done; nor blame anyone for if one gets compromised because of it.
It's hard to believe your stance of "fear mongering" when both MITRE, NIST, and NHS ave also reported this.
Apple Addresses Critical Zero-Day Exploit (CVE-2023-37450) with Rapid Security Response Updates - SOCRadar® Cyber Intelligence Inc.
Apple has released Rapid Security Response (RSR) updates to tackle a zero-day vulnerability that has been actively exploited. This vulnerability affectsApple Releases Rapid Security Responses for Actively Exploited Vulnerability CVE-2023-37450 - NHS England Digital
The exploited zero-day vulnerability in Safari, iOS, iPadOS, and macOS Ventura could lead to arbitrary code executiondigital.nhs.uk
Your stance is completely in the wrong here.
BL.
Begs the question why are you here and using Apple products?
Because I trusted Apple again like I urged everybody to do.
Never took the original off. Downloaded this right away anyway.
C stands for “Can’t innovate anymore my ass!”
Are these actively exploited vulnerabilities occurring more frequently or is Apple just fixing them more often?
Apple today released updated Rapid Security Response (RSR) fixes that are available for iPhone and iPad users running the iOS and iPadOS 16.5.1 updates and the macOS Ventura 13.4.1 update.
Rapid Security Response updates are designed to provide iOS and macOS users with security fixes without the need to install a full software update. Today's updates address an actively exploited WebKit vulnerability, so it is a good idea to update as soon as possible.
iOS Security Response 16.5.1 (c) and macOS Ventura Security Response 13.4.1 (c) are available through the standard Software Update mechanism in the Settings app. These are quick updates, requiring just a couple of minutes to download the update and then a restart for the install process.
Once the Rapid Security Response update is installed, iOS 16.5.1 users and macOS Ventura 13.4.1 users will see an updated version of the software, and tapping on the version in the About section of Settings will display information about the installed OS version and the Rapid Security Response update. Those who want to disable Rapid Security Response updates on iPhone can do so by following our how to. The updates can also be disabled on the Mac.
Apple initially introduced these Rapid Security Response updates earlier in the week, but the way they were named caused issues with Safari. Select websites like Facebook, Instagram, WhatsApp, Zoom, and more began giving a warning about not being supported on the Safari browser following the software installation.
As a result, Apple pulled the RSRs pending a fix and provided information to users on how to remove the updates. The new (c) RSRs will not cause the same Safari issue.
Article Link: Apple Releases Revised iOS and macOS Security Updates to Fix Actively Exploited Vulnerability and Safari Bug
I remember that these types of updates are newer but does that mean the previous update cycles just left the OSes vulnerable?
A bit of both. When someone finds a vulnerability, they could hold onto it until they exploit it; then it comes down to ethics: Will they report the vulnerability so it can be fixed before the exploit is produced/released, or will they release it and let those that don't do anything about it live with the consequences. In this particular case, it is the latter; someone created an exploit based on the vulnerability, and released it to the wild. Apple is now stuck being reactive to the exploit. If the person finding the vulnerability was going off of ethics, they would/could have reported it to Apple prior to releasing any exploit, allowing Apple to be proactive.
That said, if Apple is fixing these often, then there must be a fair amount of vulnerabilities found in whatever Apple is using for them to need to be patched. That doesn't mean Apple's code is bad, but that someone is finding a way to exploit a vulnerability that even Apple wasn't aware of at that time.
Depending. If there was, say, a complete rewrite of code (for optimization purposes) that produced the vulnerability, those OSes/browsers/kits/etc. that were not rewritten may not have that vulnerability to begin with.
BL.
Is this why my face ID and passcode stopped working in the morning of July 12, 2023? After 1 minute, 5 minutes, 15 minutes, 1 hour, 3 hour, 8 hour waiting, the phone in Security Lockout now. The only solution provided by Apple Support is to erase my phone. I see..., I will be very secured if the phone is fully erased and back to the factory mode. Ha ha ha... it must be an idea from a genius....A-level genius? or C-level genius?
Apple today released updated Rapid Security Response (RSR) fixes that are available for iPhone and iPad users running the iOS and iPadOS 16.5.1 updates and the macOS Ventura 13.4.1 update.
Rapid Security Response updates are designed to provide iOS and macOS users with security fixes without the need to install a full software update. Today's updates address an actively exploited WebKit vulnerability, so it is a good idea to update as soon as possible.
iOS Security Response 16.5.1 (c) and macOS Ventura Security Response 13.4.1 (c) are available through the standard Software Update mechanism in the Settings app. These are quick updates, requiring just a couple of minutes to download the update and then a restart for the install process.
Once the Rapid Security Response update is installed, iOS 16.5.1 users and macOS Ventura 13.4.1 users will see an updated version of the software, and tapping on the version in the About section of Settings will display information about the installed OS version and the Rapid Security Response update. Those who want to disable Rapid Security Response updates on iPhone can do so by following our how to. The updates can also be disabled on the Mac.
Apple initially introduced these Rapid Security Response updates earlier in the week, but the way they were named caused issues with Safari. Select websites like Facebook, Instagram, WhatsApp, Zoom, and more began giving a warning about not being supported on the Safari browser following the software installation.
As a result, Apple pulled the RSRs pending a fix and provided information to users on how to remove the updates. The new (c) RSRs will not cause the same Safari issue.
Article Link: Apple Releases Revised iOS and macOS Security Updates to Fix Actively Exploited Vulnerability and Safari Bug
If that were the case there would be a tsunami of complaints. More like a coincidence due to other issues your phone may be having.
Don’t jinks yourself. I don’t mean it in a rude way. Sometimes I think iOS is the perfect OS I could use but I never know.
I've considered that. Nevertheless it is still true. If Apple was so concerned for everyone's well being, they would offer the security update to everyone who wants it. It's just a few MB. The fact that they have not, is simple, incontrovertible proof, that they are not concerned, not concerned at all, with everyone's well being. Apple is untrustworthy.