Apple Temporarily Withdraws Rapid Security Response Update following Safari Bug
- Jul 13, 2023
- 270
On Monday, Apple released iOS 16.5.1 (a) and macOS 13.4.1 (a) as Rapid Security Response (RSR) updates for iPhones, iPads, and Mac computers. These updates were designed to rectify a vulnerability in the browser engine of Apple that could have potentially allowed hackers to remotely execute malicious code on a user's device. However, in a surprising turnaround, Apple withdrew the updates a few hours later due to a reported bug. The company anticipates resolving the issue and re-releasing the updates in the near future.
Apple’s RSR updates for iOS 16.5.1 (a) and iPadOS 16.5.1 were introduced primarily to counteract a WebKit vulnerability that could permit arbitrary code execution when processing malevolent web content. Apple urged all users to install the update as it was privy to reports indicating that this security flaw was being actively exploited. An anonymous researcher was credited for identifying the flaw. Nevertheless, users started reporting issues on the MacRumors forum, claiming that major websites, including Facebook, Instagram, Zoom, and WhatsApp, were displaying a warning that Safari was not supported.
Reports suggest that the issue was caused by the inclusion of the (a) from the update version in the "user agent" for Safari, an identifier that communicates with websites when connecting. Following the discovery of the bug, Apple reportedly took down the update from its platform. Users who had already downloaded and installed the update could revert their operating systems back to iOS 16.5.1 and iPadOS 16.5.1 by navigating through Settings > General > About > iOS Version and tapping on 'Remove Security Update'.
It was confirmed by Gadgets 360 that the RSR update was no longer available for download after downgrading to iOS 16.5.1 (20F75). Apple is expected to solve the bug related to the Safari user agent and then re-release the update for iOS, iPad, and macOS. Users who have downgraded due to this issue are advised to install the update once it is re-released with the fixes for the security vulnerabilities.
In conclusion, Apple’s quick response to security threats is commendable; however, the swift withdrawal of the updates indicates a need for more rigorous testing prior to release. Users are urged to keep a close watch on Apple's updates and install them promptly when re-released to ensure their devices remain secure against prevalent vulnerabilities.