Well, it happened. Apple has used the macOS Rapid Security Response feature for the first time since announcing it at WWDC.
It’s designed to enable quicker and more frequent security patching for the latest Apple operating systems, especially for WebKit-related flaws that affect Safari and other apps that use Apple’s built-in browser engine. If you’re looking for additional reading on what RSR is and how it works, the articles below are a good starting point:
- Apple: About Rapid Security Responses for iOS, iPadOS, and macOS
- The Electic Light Company: What is a Rapid Security Response (RSR)?
- Mykola’s blog: macOS’ Rapid Security Response: Designed into a Corner
It’s worth noting that this specific update is only available to the latest version of macOS 13.3.1, and that Apple has stated that security updates and patches may only be available to the latest versions of macOS moving forward.
If that doesn’t drive some urgency to update your Mac fleet, I don’t know what will. But how do you determine which computers have been successfully patched?
If you look up the macOS version on a patched mac with sw_vers -productVersion, it still reports 13.3.1. Same with inspecting /System/Library/CoreServices/SystemVersion.plist. If you click on About This Mac, the window does properly list 13.3.1 (a), with the (a) indicating that the Rapid Security Response update has been applied.
How do we determine if the Rapid Security Response update was installed programmatically?
Continue reading Four ways to determine if macOS Rapid Security Response updates have been installed on your fleet.