Apple pulls latest Rapid Security Response updates

AppleInsider

Hours after issuing security updates for Mac, iPhone and iPad, Apple has pulled the release, reportedly because it was causing problems with websites including Facebook.

Apple issued the updates to macOS 13.4.1, iOS 16.5.1, and iPadOS 16.5.1, to prevent a security exploit that was actively affecting users. The company's Rapid Security Response (RSR) is intended to mean Apple can swiftly address significant vulnerabilities without waiting for a full update.

As first spotted by MacRumors, however, this particular update caused enough problems that Apple decided to pull it.

Specifically, a range of sites including social media ones such as Facebook and Instagram did not recognize the update, and told Safari users that their browser was not supported. The problem the RSR was intended to fix concerned a vulnerability in WebKit, Apple's browsing engine, which was itself causing some websites to break.

Apple has not commented on its removal of the update, but it will presumably reissue the RSR with a further fix.

The removal of the update came sufficiently soon after release that many users will not have had it. Apple's support documentation includes full details about installing and removing RSRs, but if a user has had the update, they can:

1. Go to Settings, General, About


2. Tap on iOS Version


3. Choose Remove Security Response

On a Mac, most users should be able to:

1. Open System Settings, General, About


2. Scroll down to macOS and look for an i for information button


3. If present, click the button, and a Last Security Response window appears


4. Choose Remove & Restart


5. Confirm your choice

However, there may not be an i for information button if the user is running a beta version of macOS. In that case, they may have to wait until Apple re-releases the RSR update.

Read on AppleInsider

chrissalvatore2003

IMO this is becoming more frequent, and the allure of Apple being the gold standard is dulling. the general lack of innovation, horrendous Siri dictation, and lack of exciting features are (slowly) driving people to Android. As a reference i have all the devices, watch etc, but have been losing faith in Apple since iphone 12.

applezulu

ChrisSalvatore2003 said:

IMO this is becoming more frequent, and the allure of Apple being the gold standard is dulling. the general lack of innovation, horrendous Siri dictation, and lack of exciting features are (slowly) driving people to Android. As a reference i have all the devices, watch etc, but have been losing faith in Apple since iphone 12.

Sure, sure. Android is way better. Don’t let the door hit you on the backside on your way out. 

zeus423

Not working with Facebook is a feature not a bug!

msak

ChrisSalvatore2003 said:

IMO this is becoming more frequent, and the allure of Apple being the gold standard is dulling. the general lack of innovation, horrendous Siri dictation, and lack of exciting features are (slowly) driving people to Android. As a reference i have all the devices, watch etc, but have been losing faith in Apple since iphone 12.

I'm curious about the use of the idea of "gold standard". Since when was Apple considered to be the gold standard and by whom?

I've been an Apple and Mac user since the 1980s and have never heard of Apple being regarded as the gold standard. If there's such a thing, it's made up and perhaps by people who are projecting their expectations and when their expectations do not meet reality they cry not about their false impressions but that reality failed them? Very odd.

maltz

According to a comment on the Ars Technica article about this, the problem appears to just be the user agent string adding the (a) to Safari's version number.  So if you already installed it and don't care about Facebook, etc. (or know how to change the user agent string)... feel free to leave it installed.

gatorguy

maltz said:

According to a comment on the Ars Technica article about this, the problem appears to just be the user agent string adding the (a) to Safari's version number.  So if you already installed it and don't care about Facebook, etc. (or know how to change the user agent string)... feel free to leave it installed.

I thought I had seen others comment that it's not just Facebook affected? 

EDIT: I'm finding others saying both Zoom and Instagram are definitely impacted, while another thinks it's why he couldn't access Disney Plus.

edited July 2023

applezulu

maltz said:

According to a comment on the Ars Technica article about this, the problem appears to just be the user agent string adding the (a) to Safari's version number.  So if you already installed it and don't care about Facebook, etc. (or know how to change the user agent string)... feel free to leave it installed.

I’d seen that suggested somewhere, but this is not the first ..(a) rapid patch, yet this issue didn’t happen before. 

maltz

AppleZulu said:

maltz said:

According to a comment on the Ars Technica article about this, the problem appears to just be the user agent string adding the (a) to Safari's version number.  So if you already installed it and don't care about Facebook, etc. (or know how to change the user agent string)... feel free to leave it installed.

I’d seen that suggested somewhere, but this is not the first ..(a) rapid patch, yet this issue didn’t happen before. 

Did the other one change the user agent string?  If so, how?  I'm not claiming to know exactly what about this user agent change broke those websites in this case.  I use Firefox, and don't browse much on my phone, so I didn't even notice.