Apple has just used its new Rapid Security Response system for the first time in a regular public release—all prior RSR patches were for iOS/macOS beta testing purposes.
The patch comes as an update for those running iOS or iPadOS 16.4.1 or macOS 13.3.1. There are no release notes for this update, Apple only provides the boilerplate description: “This Rapid Security Response provides important security fixes and is recommended for all users.” The update is 85.2MB compared with nearly 2GB for iOS 16.4.1.
As Apple describes, the new Rapid Security Response system will let it patch security vulnerabilities without needing to wait for larger version releases that take weeks to test:
Rapid Security Responses are a new type of software release for iPhone, iPad, and Mac. They deliver important security improvements between software updates — for example, improvements to the Safari web browser, the WebKit framework stack, or other critical system libraries. They may also be used to mitigate some security issues more quickly, such as issues that might have been exploited or reported to exist “in the wild.”
New Rapid Security Responses are delivered only for the latest version of iOS, iPadOS and macOS — beginning with iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1.
At this time, Apple’s Security Updates page does not yet list the specific fixes of this RSR. We’ll update this story as more details about the update are made available, though it’s possible Apple won’t divulge the patches until iOS 16.5 arrives. It’s not clear if Apple will be moving away from security fixes that are tied to point updates or if these RSR updates are for quicker emergency-style fixes.
If you want to make sure you receive these updates, go to Settings (System Settings on macOS) > General > Software Updates > Automatic Updates and make sure you have “Security Responses & System Files” enabled. They are reportedly being rolled out over a couple of days, so your device might not receive the update immediately or there may be issues installing it. These fixes will eventually be included in the next iOS/iPadOS/macOS release, but that can take a while and leave your device vulnerable in the meantime.
This new system was meant as a way for Apple to update critical system components quickly without updating all of iOS, which can include updates to built-in apps and requires a lot more testing before release.