On Monday July 10, 2023, Apple released macOS Ventura 13.4.1 (a) as a Rapid Security Response (RSR) update, along with iOS 16.5.1 (a) and iPadOS 16.5.1 (a), to patch a WebKit security vulnerability. With this vulnerability, processing web content could lead to arbitrary code execution. This vulnerability may have been actively exploited. However, Apple has pulled this update from distribution (read more in the "Update pulled from distribution; why?" section).
We published a detailed blog post about the introduction of these rapid security releases earlier, which you can find here. We also have a document that explains how you can manage these updates here, if interested.
For only the second time, Apple has released a new batch of Rapid Security Response fixes. They are for macOS Ventura 13 and iOS 16. You can find the exact details at the links below:
- About the security content of Rapid Security Responses for iOS 16.5.1 and iPadOS 16.5.1
- About the security content of Rapid Security Responses for macOS Ventura 13.4.1
Note: If you are deferring updates, it could prevent your devices from seeing these RSR Updates.
For the first time, an Apple Rapid Security Response includes release notes. While it's not yet confirmed whether all RSR updates will include release notes, this one definitely does.
These vulnerabilities involve arbitrary code execution with WebKit when processing web content.
It is recommended to update as soon as possible to avoid these actively exploited vulnerabilities. The update will require devices to restart.
Update pulled from distribution; why?
The iOS 16.5.1, iPadOS 16.5.1, and macOS Ventura 13.4.1 Rapid Security Response updates fixed a WebKit vulnerability that Apple says may have been actively exploited. Unfortunately, it appears that the updates changed the Safari user agent to include an (a), leading some websites to break.
The issue is that "(a)" was added to the user agent string, causing a large number of websites to report an unrecognized browser and display a mobile version, or nothing at all.
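How a strict user-agent pattern fails on the added "(a)" while a tolerant parser still recognises Safari, shown as an added example that is not code from Apple or from the original post. The sample strings are constructed, and the position of "(a)" after the `Version/` field and the function names are assumptions.

```javascript
// Constructed user-agent strings, not captured from real devices.
// Assumption: the RSR suffix appears as a separate "(a)" token after Version/.
const UA_BEFORE =
  "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 " +
  "(KHTML, like Gecko) Version/16.5.1 Safari/605.1.15";
const UA_RSR =
  "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 " +
  "(KHTML, like Gecko) Version/16.5.1 (a) Safari/605.1.15";
const UA_CHROME =
  "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 " +
  "(KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36";

// Brittle sniffing: requires "Version/<digits> Safari/<digits>" at the end of
// the string with nothing in between, so any new token makes the match fail.
function strictSafariVersion(ua) {
  const m = /Version\/(\d+(?:\.\d+)*) Safari\/[\d.]+$/.exec(ua);
  return m ? { browser: "Safari", version: m[1] } : null;
}

// Tolerant sniffing: identify Safari by its product token, read the Version/
// field on its own, accept an optional parenthesised suffix, and return
// "Safari, version unknown" instead of rejecting an unfamiliar layout.
function tolerantSafariVersion(ua) {
  // Chromium-based browsers also send a "Safari/" token, so exclude them.
  if (!/\bSafari\/[\d.]+/.test(ua) || /\b(Chrome|Chromium|Edg)\//.test(ua)) {
    return null;
  }
  const m = /\bVersion\/(\d+(?:\.\d+)*)(?:\s*\(([a-z])\))?/.exec(ua);
  if (!m) return { browser: "Safari", version: null, rsr: null };
  return { browser: "Safari", version: m[1], rsr: m[2] || null };
}

// Compare both parsers on the pre-RSR and RSR strings.
for (const ua of [UA_BEFORE, UA_RSR]) {
  console.log(strictSafariVersion(ua), tolerantSafariVersion(ua));
}
```

Sites that gate content on browser detection are better served by treating an unparsed version as "supported, version unknown" than by falling back to a mobile or blank page.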
What do I do now?
Apple updated the release note (https://support.apple.com/en-us/HT213825) to indicate that they are aware of this issue. Apple is working on updated Rapid Security Response updates, macOS 13.4.1 (b), iOS 16.5.1 (b) and iPadOS 16.5.1 (b), which will be available soon to address this issue.
You can revert the RSR build on the device if necessary, but you may want to keep devices on the most secure patch, at the cost of being unable to access certain applications.
A new RSR update should be available very soon, and your fleet will soon see it for updating.