This week, Apple released its first Rapid Security Response (RSR) patches for devices running iOS 16.4.1 and macOS 13.3.1. RSRs are small updates that fix security issues between scheduled updates. However, some users have reported difficulty installing RSR patches on their iPhone.
RSRs are designed to be loaded and applied automatically by the operating system, providing immediate protection against potential exploitation. This allows users to deviate from the normal system update cycle, in which they can delay or skip updates, leaving their devices vulnerable to attack.
Apple has stated that some of these unscheduled patches can even be used to quickly fix vulnerabilities actively exploited by hackers. Users can still disable automatic updates and refuse to install Rapid Security Response patches, and then the device will receive fixes as part of the next software update.
According to Bleeping Computer, the deployment of the first RSR patches did not go smoothly. User reports indicate that the iPhone update failed to install on some devices, with users receiving the “Unable to Verify Security Response” error. The message reads, “iOS Security Response 16.4.1(a) failed verification because you are no longer connected to the internet,” despite users and journalists confirming that the affected devices were connected to the internet. It is likely that the problems are due to a server-side error.
Interestingly, Apple has not yet reported what issues in iOS and macOS have been addressed by these fixes. The Apple security updates page, which usually lists the latest security updates, does not contain any information about fresh RSR patches, and Apple has not yet announced if they will share information about such “patches”. The only message users get is “This Rapid Security Response contains important security fixes and is recommended for all users”, and for more information, they are asked to refer to the support page, which contains only general information about RSR.
