Cyber Security Threat Summary:
“Apple has launched the first Rapid Security Response (RSR) patches for iOS 16.4.1 and macOS 13.3.1 devices. As the company describes in a recently published support document, RSR patches are small-sized updates that target the iPhone, iPad, and Mac platforms and patch security issues between major software updates. Some of these out-of-band security updates may also be used to address vulnerabilities actively exploited in attacks. ‘They deliver important security improvements between software updates — for example, improvements to the Safari web browser, the WebKit framework stack, or other critical system libraries…They may also be used to mitigate some security issues more quickly, such as issues that might have been exploited or reported to exist in the wild,’ Apple explains” (Bleeping Computer, 2023).

Security Officer Comments:
Although this is a great milestone for Apple, some users have reported that they are having issues installing the RSR patches on their iPhones. When trying to apply the update, the following error message is displayed “iOS Security Response 16.4.1 (a) failed verification because you are no longer connected to the Internet.” Bleeping computer was able to confirm that the affected devices were connected to the internet when the error message was displayed and believes this is likely due to a server-side bug that has yet to be addressed by Apple.

Suggested Corrections:
It is unclear what security vulnerabilities were fixed as part of the RSR patches released yesterday. When checking Apple’s security updates page, the following is stated “This Rapid Security Response provides important security fixes and is recommended for all users. To learn more please visit: https://support.apple.com/HT201224."

To check if RSR patches are available for your device, the following steps can be taken :