Seven months in, iOS and macOS get their first rapid security updates


Enlarge / Macs operating macOS Ventura.


When it introduced iOS 16, iPadOS 16, and macOS Ventura at its Worldwide Builders Convention final summer time, one of many options Apple launched was one thing referred to as “Fast Safety Response.” The function is supposed to allow faster and extra frequent safety patches for Apple’s latest working methods, particularly for WebKit-related flaws that have an effect on Safari and different apps that use Apple’s built-in browser engine.

Almost a yr after that WWDC and greater than seven months after releasing iOS 16 in September, Apple has lastly issued a Fast Safety Response replace. Accessible for iOS and iPadOS units operating model 16.4.1 or Macs operating model 13.3.1, the replace provides an (a) to your OS model to indicate that it has been put in.

At this level, it is unclear whether or not Apple intends to launch extra details about the precise bugs patched by this Safety Response replace; the help web page linked to within the replace is simply a general description of Rapid Security Response updates and the way they work, and the Apple’s Security Updates page hasn’t been up to date with extra data as of this writing.

Apple has launched a number of Fast Safety Response updates to iOS and macOS beta customers prior to now, including during iOS 16.4’s beta phase, however it has by no means launched one to the general public till at this time. It is attainable that the updates launched to beta customers had been merely testing the replace mechanism reasonably than making use of significant safety patches.

As detailed in our macOS Ventura review, the Fast Safety Response function required important under-the-hood adjustments to how the encrypted, sealed system volumes in iOS and macOS usually work. In earlier OS variations, all system information had been on a signed system quantity (SSV), and any change to the information required the whole system quantity to be loaded as a snapshot, patched, resealed, after which loaded the gadget time the gadget reboots.

This setup protects system information from tampering, however the downsides are elevated replace obtain sizes, longer replace occasions, and obligatory reboots, one thing customers will typically postpone to keep away from interrupting what they’re attempting to make use of their computer systems for. The iOS 16 and macOS Ventura updates transfer some system information outdoors of the SSV into still-encrypted however smaller and extra compartmentalized extensions of the SSV. These “cryptexes” might be up to date with out modifying the primary SSV.

Rapid Security Response updates should generally be smaller than other kinds of updates.

Fast Safety Response updates ought to usually be smaller than other forms of updates.

Andrew Cunningham

Fast Safety Response updates will not all the time come with out reboots—at this time’s replace required a reboot of my M1 MacBook Air and iPhone 13 Professional—however they did have a lot smaller file sizes and set up occasions than the 16.4.1 and 13.3.1 updates that Apple launched earlier this month. The iOS 16.4.1 (a) replace was solely 85.7MB on my cellphone, whereas the 16.4.1 replace was a number of hundred MB (although this can fluctuate from gadget to gadget).

Fast Safety Response updates might be disabled in Settings with out modifying your settings for downloading and putting in other forms of iOS and macOS updates. The updates may also be eliminated post-installation.

Right now’s replace initially threw an error message for individuals who tried to put in it, however as of this story’s publication, it looks as if Apple mounted the issue.

Source link