Apple's Rapid Security Response Software Updates
Apple is known for its high standards of security and privacy for its users. However, no system is perfect and vulnerabilities can still be found and exploited by malicious actors. That's why Apple has developed a Rapid Security Response (RSR) process that allows it to quickly identify, fix and deploy security updates to its devices.
What is RSR?
Rapid Security Response (RSR) is a method for deploying security fixes to users more frequently. RSR is a process that Apple follows when it becomes aware of a security issue that affects its products or platforms. It involves four main steps:
Investigation: Apple's security team analyzes the issue and determines its severity, impact and scope.
Mitigation: Apple's engineers work on developing a patch or workaround to address the issue and prevent further exploitation.
Testing: Apple's quality assurance team tests the patch or workaround to ensure it works as intended and does not introduce new problems.
Deployment: Apple's release team distributes the patch or workaround to its users via software updates, security bulletins or other channels.
RSR is important because it helps Apple protect its users from potential harm caused by security breaches.
Rapid Security Responses don’t adhere to the managed software update delay; however, because they apply only to the latest minor operating system version, if that minor operating system update is delayed, the response is also effectively delayed. If necessary, the user can also remove the responses.
If a device is using the latest operating system and there is a Rapid Security Response available, AvailableOSUpdates returns the response. The MDM sends a command to install the response. Note that an MDM can only install the response on devices using the latest minor version.
RSR works by leveraging Apple's resources, such as configuration profiles. There are options within macOS and iOS/iPadOS Restrictions payload to allow the installation and removal of these Rapid Security Response updates. Screen shots below for reference:
As of FileWave 15, there are two additional Inventory Items relating to Rapid Security Response; both labelled as Supplemental:
Note, Supplemental Build Version will only show a value if there is a current RSR installed on a device. Once a device updates to the next macOS version, that has no RSR installed, these two inventory items will become blank again.
For Apple documentation regarding Rapid Security Response Updates: