Understanding Apple’s First Rapid Security Response

[Update: a deeper look at RSRs is available here.]

Apple’s first Rapid Security Responses (RSR) for macOS and iOS were deployed earlier in May, with no explanation of what was being fixed. This led to a lot of frustration among Apple IT folks who need to balance the benefit of pushing a security update against the disruption to users — and everyone’s ever-growing update fatigue. Mac admins felt they had no guidance from Apple about how to prioritize this update.

Now that Apple has released the traditional macOS and iOS updates, they’ve also published the release notes listing which vulnerabilities were addressed by each update. Thankfully, they’ve decided to say exactly which vulnerabilities had been fixed by the earlier RSRs.

This confirms what most of us assumed: the RSRs were used to fix issues which were being used in active attacks against Macs, iPhones, and iPads.

I’ll be recommending that RSRs are installed immediately — within 24 hours of release — as a general practice.

(Thanks to dr. k for pointing this out in A look at how Apple is sharing RSR information in rollup security updates)