Software & Apps

Apple issues first Rapid Security Response for macOS, iOS

Posted on by

On Monday, May 1, Apple released its first-ever Rapid Security Response updates for macOS Ventura, iOS 16, and iPadOS 16.

Apple released a corresponding document explaining what Rapid Security Responses are:

Rapid Security Responses are a new type of software release for iPhone, iPad, and Mac. They deliver important security improvements between software updates — for example, improvements to the Safari web browser, the WebKit framework stack, or other critical system libraries. They may also be used to mitigate some security issues more quickly, such as issues that might have been exploited or reported to exist “in the wild.”

Thus it’s possible that this Rapid Security Response may mitigate “actively exploited” vulnerabilities—but if so, Apple is not directly admitting it. Strangely, Apple has not yet made any statement about what specifically it fixed in this week’s RSR updates. On Macs, iPhones, and iPads, the update text only specifies:

This Rapid Security Response provides important security fixes and is recommended for all users.

Apple normally releases update details at its Apple security updates page. So far, Apple has not included any details about this week’s RSR updates on that page. Perhaps Apple intends to wait until after corresponding updates are available for its other operating systems first. Update: On May 18, Apple finally revealed that it had patched two actively exploited vulnerabilities in the RSR updates.

Some users had difficulty installing the Rapid Security Response for a brief period of time after Apple released the update. Apple quickly fixed the problem.

How to get the Rapid Security Response update

Macs running macOS Ventura can get this update by going to System Settings > General > Software Update.

If you have an iPhone with iOS 16 or an iPad with iPadOS 16, you can also get the update by going to Settings > General > Software Update.

After installing the update, the OS version number will include “(a)” at the end, as follows:

  • macOS Ventura 13.3.1 (a)
  • iOS 16.4.1 (a)
  • iPadOS 16.4.1 (a)

Notably, older versions of Apple’s operating systems do not support the Rapid Security Response feature.

How can I learn more?

For additional technical details about Rapid Security Responses from someone besides Apple, you may enjoy Howard Oakley’s Eclectic Light article. Oakley explains why RSRs may require a restart, despite Apple’s intent for the feature to be able to avoid reboots. For much more highly technical detail, check out this blog post by Mykola Grymalyuk, the OpenCore Legacy Patcher product lead.

Each week on the Intego Mac Podcast, Intego’s Mac security experts discuss the latest Apple news, including security and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to follow the podcast to make sure you don’t miss any episodes. You can also subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple security and privacy news. And don’t forget to follow Intego on your favorite social media channels: Follow Intego on Twitter Follow Intego on Facebook Follow Intego on YouTube Follow Intego on Pinterest Follow Intego on LinkedIn Follow Intego on Instagram Follow the Intego Mac Podcast on Apple Podcasts

About Joshua Long

Joshua Long (@theJoshMeister), Intego's Chief Security Analyst, is a renowned security researcher, writer, and public speaker. Josh has a master's degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple ID authentication vulnerability. Josh has conducted cybersecurity research for more than 25 years, which has often been featured by major news outlets worldwide. Look for more of Josh's articles at security.thejoshmeister.com and follow him on Twitter/X, LinkedIn, and Mastodon. View all posts by Joshua Long →