On Monday, Apple released iOS 16.5.1 (a), the companies second Rapid Security Response update – and very promptly pulled it.
Apple withdrew the update, because some users were finding Safari wouldn’t properly connect to a lot of popular websites. Apple said would replace it with iOS 16.5.1 (b) in due course, with a similar update for the Mac.
In fact, just a few hours ago, Apple released iOS 16.5.1(c). Yep no b to be seen.
iOS 16.5.1 (c) fixes a critical security flaw in Safari. Apple admits it is “aware of a report that this issue may have been actively exploited” before the company could provide a fix. This is known as a ‘Zero Day’ vulnerability and is the most serious type of security risk.
Apple Rapid Security Responses
Rapid Security Response updates are a new type of device update Apple introduced alongside iOS 16.2 in December.
Rapid Security Response updates provide users with important security fixes, and they can help mitigate security issues that are being actively exploited or have been reported.
Rapid Security Responses that involve the operating system require the device to restart. On macOS, the updated operating system content may be made available to Safari and its associated processes with just a relaunch of those processes, though a restart is required to make this content broadly available to the rest of the operating system.
Rapid Security Responses don’t adhere to the managed software update delay; however, because they apply only to the latest minor operating system version, if that minor operating system update is delayed, the response is also effectively delayed. If necessary, the user can also remove the responses.
Rapid Security Response updates are designated with a letter to differentiate them from other updates.
Each Rapid Security Response is versioned relative to its base operating system version, starting with “a”, then “b” and so on. Within a line of RSRs, successive RSRs always include the changes from previous RSRs.
Subsequent minor operating system updates include the content from all the RSRs that were issued for the previous operating system version.
iOS 16.5.1(c) Security Fixes
Impact: Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: The issue was addressed with improved checks.
iOS 16.5.1(c) Supported Devices
iOS 16.5.1(a) will run on all iPhones from iPhone 8 onwards. To be exact:
iPhone 14 Plus
iPhone 14 Pro
iPhone 14 Pro Max
iPhone 13 mini
iPhone 13 Pro
iPhone 13 Pro Max
iPhone 12 mini
iPhone 12 Pro
iPhone 12 Pro Max
iPhone 11 Pro
iPhone 11 Pro Max
iPhone XS Max
iPhone 8 Plus
iPhone SE (2nd generation or later)
As normal, to update to iOS 16.5.1(c) , go to your iPhone Settings > General > Software Update and install iOS 16.5.1(c) when you can.