Apple's Rapid Security Response Software Updates

What

Apple is known for its high standards of security and privacy for its users. However, no system is perfect and vulnerabilities can still be found and exploited by malicious actors. That's why Apple has developed a Rapid Security Response (RSR) process that allows it to quickly identify, fix and deploy security updates to its devices.

What is RSR?

Rapid Security Response (RSR) is a method for deploying security fixes to users more frequently. RSR is a process that Apple follows when it becomes aware of a security issue that affects its products or platforms. It involves four main steps:

When/Why

RSR is important because it helps Apple protect its users from potential harm caused by security breaches.

Rapid Security Responses don’t adhere to the managed software update delay; however, because they apply only to the latest minor operating system version, if that minor operating system update is delayed, the response is also effectively delayed. If necessary, the user can also remove the responses.

If a device is using the latest operating system and there is a Rapid Security Response available, AvailableOSUpdates returns the response. The MDM sends a command to install the response. Note that an MDM can only install the response on devices using the latest minor version.

How

RSR works by leveraging Apple's resources, such as configuration profiles. There are options within macOS and iOS/iPadOS Restrictions payload to allow the installation and removal of these Rapid Security Response updates. Screen shots below for reference: