Technology

Apple releases first ‘rapid’ security fixes for iPhones, iPads and Macs


Apple on Monday released its first batch of publicly available “rapid security” patches, aimed at quickly fixing security vulnerabilities that are under active exploitation or pose significant risks to its customers.

According to a notice, the so-called Rapid Security Response updates “deliver important security improvements between software updates.”

Rapid Security Responses were introduced to allow Apple customers to update their devices faster than a typical software update takes. Apple says the feature is enabled by default, and some rapid patches can be installed without rebooting, though not always.

The rapid security update lands for customers running iOS 16.4.1, iPadOS 16.4.1 and macOS 13.3.1. Once installed it will add a letter to the software version — such as iOS 16.4.1 (a), iPadOS 16.4.1 (a) and macOS 13.3.1 (a). Users running older versions of Apple’s software will not receive the rapid security fix. Apple said fixes will be included in subsequent software updates.

A screenshot of iOS' software update prompt displaying the first Rapid Security Response patch, but fails to install.

Image Credits: TechCrunch (screenshot)

But Monday’s rollout hasn’t gone so smoothly. Some customers said that they could not install the update. When TechCrunch tested on an iPhone, iPad and Mac, the updates downloaded but did not immediately install.

It’s also not clear what this security update fixes, and Apple did not respond to a request for comment.

In recent weeks, researchers have discovered new exploits developed by spyware makers QuaDream and NSO Group aimed at targeting iPhone owners around the world. Both spyware makers exploited previously undisclosed vulnerabilities in Apple’s software that allowed their government customers to silently steal data from a victim’s device.

Citizen Lab said last month that Lockdown Mode, a feature rolled out by Apple last year to prevent similar targeted attacks, successfully blocked at least one NSO-developed exploit that abused a vulnerability in Apple’s smart home feature, HomeKit.

Given the apparent seriousness of this latest security patch, we will keep trying to update — as should you.



Source link