CTI Flash Briefing:

Apple’s first ever Rapid Security Response patch is failing to install on iPhones

James Beal

Published in

Hunter Strategy

2 min readMay 4, 2023

Breakdown

Apple launched a new style of patch for iOS 16.4.1 and macOS 13.3.1, called Rapid Security Response (RSR) patches. They are designed as small and quick patches for actively exploited vulnerabilities between major software updates. Even with automatic update turned on, many iPhones did not install the patch when it was released, and you will need to do so manually this time to ensure your devices are secure.

Overview

Apple releases major software updates and security patches on a regular basis. This new style of security patch is designed to keep devices as updated and secure as possible in between these major releases. It is similar to Microsoft and several other vendors who have normal patching releases but, when necessary, release what is called an Out of Bounds security update for certain systems under active attack. Certain devices are erroring out on the install with “Unable to Verify Security Response” errors. According to the BleepingComputer post on this event:

According to user reports, the RSR update delivered today for iPhones also fails to install on some devices with “Unable to Verify Security Response” errors.
“iOS Security Response 16.4.1 (a) failed verification because you are no longer connected to the Internet,” the errors read.
Despite this, as BleepingComputer confirmed, the affected devices are connected to the Internet, and a server-side bug likely causes the issues.

Recommendation

Check the General->Software Update section in the settings for your device. If your device is on 16.4.1(a) it will show as up to date. If you have an update pending, even if you have automatic updates turned on, run the patch. It appears the above errors may have only occurred on launch day and should install normally.

Conclusion

To our current SOC partnerships, please reach out to our SOC team to learn more about the best steps in researching your exposure to this threat. If you have any questions on this on-going event or need any level of security assistance, please reach out to Hunter Strategy and we will be happy to discuss next steps in securing your IT systems!

Contact Us

contact@hunterstrategy.net

Our Website