Apple’s iOS 16.1.1 has just launched, but the next software version iOS 16.2 is in the beta stage, along with a new iOS 16.2 Rapid Security Response function.
Late on Wednesday afternoon, Apple issued a small “Rapid Security Update” to Tuesday’s iOS 16.2 beta — but what exactly it entails isn’t known. There’s not yet much known about the updates which is obviously a critical security fix of some sort. The update is very small, weighing in at less than 100 MB. There are some peculiar details about it. It is removable by the user. Additionally, it does not appear folded into new downloads of the iOS 16.2 beta 3 that was made available on Tuesday afternoon.
What is known, is that this is clearly the first visible deployment of the new feature that has separated urgent security updates from large iOS updates.
And judging from the release notes, iOS 16.2 will come with a bunch of cool new features. Among these, iOS 16.2 could see a new feature called Rapid Security Response in action, which is a way for the iPhone maker to apply security updates to your phone on the fly. It was first announced with iOS 16 at Apple’s Fall event and was not made immediately available. But according to reports, Apple has just tested Rapid Security Response in the iOS 16.2 beta.
The iPhone maker describes Rapid Security Response on its support page:
“In a future update to iOS 16, iPadOS 16.1, and macOS 13, Apple will add a mechanism for shipping security fixes to users more frequently. These responses are included in any ensuing minor update (not upgrade) and, on a Mac, update content appears on the Preboot volume (through symbolic links in /System/Cryptexes/).
“Rapid Security Responses don’t adhere to the managed software update delay; however, because they apply only to the latest minor operating system version, if that minor operating system update is delayed, the response is also effectively delayed.”
Why automatic updates aren’t as good as they seem
Rapid security updates can’t come soon enough. Apple’s automatic security updates aren’t very quick in arriving on iPhones. In fact, despite having automatic updates turned on, many iPhone users are left waiting days or weeks until after new iOS versions are released. This means the only way to ensure serious security holes are fixed is by manually applying iOS updates. Apple devices are increasingly being targeted by adversaries, with multiple security holes fixed this year that were already being used in attacks. Some of these attacks are pretty serious and can allow an adversary to gain control of your device.
Apple has explained why automatic updates aren’t applied straight away to all iPhones. As I wrote previously, Apple likes to wait for any bugs to be sorted out before pushing iOS updates to all devices. Also, ensuring everyone isn’t updating their iPhones at once avoids overloading Apple’s servers each time an iOS upgrade is issued.
iOS 16.2 Rapid Security Response—a giant security boost (we hope)
Maybe we’re always on the side of improved security, but when iOS 16.2 launches, Rapid Security Response should be a massive boost to iPhone security. If it works, it requires virtually no interaction for security holes to be fixed. And let’s be real, many people don’t have automatic updates turned on.
We’ll see what happens!
Winsor Consulting is a Cybersecurity driven MSP serving the US. With the strongest focus on cybersecurity, Winsor is making waves within the industry. Reach out today to get a no-risk security assessment.