- Urgent apple security update update#
- Urgent apple security update Patch#
- Urgent apple security update software#
Urgent apple security update Patch#
The HT201224 web page invites us to assume that this sort of emergency fix will be use to patch serious WebKit or kernel-level bugs (the very sort that malware implanters and spyware operators love to exploit), but just how dangerous and exploitable the unknown bugs are in this case is, obviously, unknown. There are no release notes to go with the 13.3.1 (a) and 16.4.1 (a) patches for macOS and iOS/iPadOS, so the parts of the system needed patching, and the nature of the vulnerabilities that were fixed, are left unsaid. So, at least we know that there aren’t supposed to be updates right noe for iOS and iPadOS 15, or for macOS 11 and 12 (Big Sur and Monterey), because those versions don’t support the this new rapid-patching system.īut that’s all we know, because what you see above is, as the saying goes, all she wrote. Who gets these patches?Īs Apple notes, this sort of rapid patch is the firt of its sort: New Rapid Security Responses are delivered only for the latest version of iOS, iPadOS and macOS - beginning with iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1. The well-known and widely-understood phrase in the wild is stuck between air-quotes the phrase zero-day is avoided entirely, and any possible in-the-wildness is waved away as might have been exploited, and left unadmitted with the words reported to exist. We couldn’t help but smile at the choice of words, as we suspect you will too. They may also be used to mitigate some security issues more quickly, such as issues that might have been exploited or reported to exist “in the wild.”
Urgent apple security update software#
They deliver important security improvements between software updates - for example, improvements to the Safari web browser, the WebKit framework stack, or other critical system libraries. Rapid Security Responses are a new type of software release for iPhone, iPad, and Mac. On both devices, there was a brand new URL that linked not to Apple’s usual HT201222 Security Updates portal (which hasn’t been updated since – we checked), but to a brand new page named HT201224, entitled Rapid Security Responses:
This one announced what Apple calls a Security Response, tagged not with a new version number, but with a letter in round brackets after the existing version number.įor macOS Ventura, we were offered version 13.3.1 (a) and for our iPhone, we were offered 16.4.1 (a).
Urgent apple security update update#
Well, today (which just happens to be a public holiday in the UK, as we celebrate Beltane and the approximate halfway point between vernal equinox and summer solstice), we received a brand new sort of update notification for both our Mac and our iPhone. Sometimes, those older versions have received their own patches for exactly the same zero-day holes, without explanation, days or weeks later.Īt other times, the next updates for those older versions have at least implied that the zero-day holes didn’t affect them after all. We’ve had updates arrive for the very latest macOS and iOS versions, but with nothing for earlier supported versions, with no mention of whether those devices were immune by good fortune, at risk but left in limbo for a while, or at risk but never going to be fixed. Our approach has therefore been simply to assume the worst, and to infer that the story that Apple wasn’t telling ran something like this: “Devices analysed in the wild found to have hidden spyware implanted by unknown threat actors.”Īnd we’ve therefore followed our own rhyming advice of: Do not delay/Simply do it today. …but without even the vaguest description of what sort of criminals, and what they were up to, which would at least help to round out the story. We’ve had urgent updates accompanied by email notifications that warned us of zero-day bugs that needed fixing right away, because crooks were already onto them… We’ve written about the uncertainty of Apple’s security update process many times before.
0 kommentar(er)
