Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

iPhone Users Report Problems Installing Apple’s First Rapid Security Response Update 

Apple has released its first Rapid Security Response patch, but iPhone users are complaining that they are having problems installing it.

New iOS exploit blamed on US intelligence

Apple has released its first Rapid Security Response update, but many iPhone users have complained that they are having problems installing the ‘iOS Security Response’.

The tech giant announced Rapid Security Response in June 2022, when it informed customers that the feature would become available in iOS 16 and macOS Ventura. 

This feature enables Apple to deliver important security patches to Macs and iPhones between standard software updates, and the company initially said the fixes would be applied automatically without requiring a reboot. 

The first Rapid Security Response update was rolled out to iPhones running iOS 16.4.1 and Macs running macOS 13.3.1 on Monday. However, Apple has not published any new security advisories so it’s unclear what vulnerabilities have been addressed with the update.   

Many of the recently patched iOS flaws have been exploited in attacks by the products offered by commercial spyware vendors.

In a support document published on Monday, Apple clarified that Rapid Security Responses can deliver improvements to Safari, WebKit or other critical system libraries.

“They may also be used to mitigate some security issues more quickly, such as issues that might have been exploited or reported to exist ‘in the wild’,” Apple explained.

However, many iPhone users complained that they were unable to install the critical update, receiving an error that reads “Unable to Verify Security Response”. 

Advertisement. Scroll to continue reading.

Some of the impacted users later reported being able to install the update, but SecurityWeek can confirm that the update still doesn’t work on some iPhones, more than 12 hours after it started rolling out. 

When users install a Rapid Security Response update, a letter will be added to their software version number — for example, in this case it’s 16.4.1 (a) or macOS 13.3.1 (a). 

“If you choose to turn off this setting or not to apply Rapid Security Responses when they’re available, your device will receive relevant fixes or mitigations when they’re included in a subsequent software update,” Apple said. 

The company has clarified that a reboot of the device might still be needed in some cases. This first update does require a device reboot. 

Related: Apple Ships Urgent iOS Patch for Newly Exploited Zero-Days

Related: iOS Security Update Patches Exploited Vulnerability in Older iPhones

Related: Apple Patches Exploited iOS Vulnerability in Old iPhones

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Register

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Register

Expert Insights

Related Content

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Critical security flaws expose Samsung’s Exynos modems to “Internet-to-baseband remote code execution” attacks with no user interaction. Project Zero says an attacker only needs...

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

The February 2023 security updates for Android patch 40 vulnerabilities, including multiple high-severity escalation of privilege bugs.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Cybercrime

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.