![]() They deliver important security improvements between software updates - for example, improvements to the Safari web browser, the WebKit framework stack, or other critical system libraries. Rapid Security Responses are a new type of software release for iPhone, iPad, and Mac. On both devices, there was a brand new URL that linked not to Apple’s usual HT201222 Security Updates portal (which hasn’t been updated since – we checked), but to a brand new page named HT201224, entitled Rapid Security Responses: ![]() This one announced what Apple calls a Security Response, tagged not with a new version number, but with a letter in round brackets after the existing version number.įor macOS Ventura, we were offered version 13.3.1 (a) and for our iPhone, we were offered 16.4.1 (a). Well, today (which just happens to be a public holiday in the UK, as we celebrate Beltane and the approximate halfway point between vernal equinox and summer solstice), we received a brand new sort of update notification for both our Mac and our iPhone. Sometimes, those older versions have received their own patches for exactly the same zero-day holes, without explanation, days or weeks later.Īt other times, the next updates for those older versions have at least implied that the zero-day holes didn’t affect them after all. We’ve had updates arrive for the very latest macOS and iOS versions, but with nothing for earlier supported versions, with no mention of whether those devices were immune by good fortune, at risk but left in limbo for a while, or at risk but never going to be fixed. ![]() ![]() Our approach has therefore been simply to assume the worst, and to infer that the story that Apple wasn’t telling ran something like this: “Devices analysed in the wild found to have hidden spyware implanted by unknown threat actors.”Īnd we’ve therefore followed our own rhyming advice of: Do not delay/Simply do it today. …but without even the vaguest description of what sort of criminals, and what they were up to, which would at least help to round out the story. ![]() We’ve had urgent updates accompanied by email notifications that warned us of zero-day bugs that needed fixing right away, because crooks were already onto them… We’ve written about the uncertainty of Apple’s security update process many times before. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |