Skip to content
Thoughtful, detailed coverage of everything Apple for 34 years
and the TidBITS Content Network for Apple professionals

Rapid Security Responses for iOS/iPadOS 16.5.1 (a) and macOS Ventura 13.4.1 (a)

After publication, Apple pulled these updates due to the website loading issues hinted at below. You can remove the Rapid Security Response updates as outlined in “What Are Rapid Security Responses and Why Are They Important?” (2 May 2023) or use a different Web browser for the affected sites. New Rapid Security Responses should be available soon. –Adam

Apple has released Rapid Security Response updates for iOS 16.5.1 (a), iPadOS 16.5.1 (a), and macOS Ventura 13.4.1 (a) to fix a WebKit vulnerability that could allow malicious Web content to execute arbitrary code. Unsurprisingly, this vulnerability is being actively exploited, and I encourage you to install these updates as soon as feasible.

It won’t take long, although the updates require a restart. The entire process took less than 4 minutes on each of my devices: an iPhone 14 Pro, M1 MacBook Air, and 2020 27-inch iMac. Interestingly, the iPhone update was only 2.7 MB, and the iMac update was 6.4 MB, but the M1 MacBook Air update was far larger at 137.2 MB.

Rapid Security Response notes

Thanks to Will Mayall for pointing out that Facebook’s Web browser detection code doesn’t recognize the new Safari 16.5.2 (a), forcing you to use the mobile version of the site. Facebook will likely update soon, and Apple will probably release a Safari update for older versions of macOS shortly.

Facebook problem with RSR

Let us know in the comments if you experience any other issues during or after the updates.

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For over 33 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.

This site is protected by reCAPTCHA. The Google Privacy Policy and Terms of Service apply.

Comments About Rapid Security Responses for iOS/iPadOS 16.5.1 (a) and macOS Ventura 13.4.1 (a)

Notable Replies

  1. When are the non-Ventura Macs going to be rescued?

  2. As soon as I restarted after this update, I signed into Facebook which then says it doesn’t recognize Safari and automatically redirects me to the mobile version as a substitute, which looks pretty pitiful on my big Mac screen. No amount of changing the URL back to my traditionally used address will get me back to the OS version of Safari’s Facebook pages.

  3. I see the same thing with Safari. Unfortunately, Safari doesn’t seem to let you lie about what browser you’re using. Facebook still works normally in Brave, though.

  4. Very long time Mac user here. I had the strangest experience after the 13.4.1 (a). When my system rebooted following the update, three of my external drive partitions/volumes mounted in the Finder were renamed “0”.

    I’m running Ventura on a 2017 iMac.

    One of them, was a Carbon Copy Clone and two of them were Syncthing volumes. Every one of them was a second partition/volumes on an external APFS external drive. Has anyone else had this experience??

  5. You can easily open another installedbrowser on your Mac from the Safari Develop tab. the tab can be enabled via Safari>Settings>Advanced.

  6. The vulnerability in Ventura is with WebKit, which is also replaced by the Safari updates to Monterey and Big Sur, as Doug speculated.

  7. My iPhone is showing version “iOS 16.5.1” not “16.5.1 (a)” and says “iOS is up to date”. It is not giving me an option to install this Rapid Security Response update. What am I missing?

  8. Reported on MacRumors at 9 pm Pacific time on July 10:

    " Apple earlier today released new Rapid Security Response updates for iOS 16.5.1, iPadOS 16.5.1, and macOS Ventura 13.4.1 users, but Apple has pulled the software, likely due to an issue that caused certain websites not to work after the RSRs were installed."

  9. Continuing from the MacRumors report…

    " According to reports on the MacRumors forums, Facebook, Instagram, WhatsApp, Zoom, and other websites started giving a warning about not being supported on the Safari browser following the Rapid Security Response updates.

    The iOS 16.5.1, iPadOS 16.5.1, and ‌macOS Ventura‌ 13.4.1 Rapid Security Response updates fixed a WebKit vulnerability that Apple says may have been actively exploited. Unfortunately, it appears that the updates changed the Safari user agent to include an (a), leading some websites to break.

    Apple will likely re-release the RSRs when the issue has been addressed."

  10. I was running a Zoom meeting this evening and ran into that exact problem.

    I’ve removed the Rapid Security Response until a new one is released.

  11. How do you remove this Rapid Security Response?

  12. I didn’t have a problem with Zoom (they may have modified their website code since the initial report), but I did have a problem with Facebook-controlled

    Since my passwords are in iCloud, I used Safari Technology Preview. I was able to use the iCloud password manager to retrieve my Instagram login.

  13. MacRumors included a link to instructions for removal from an iDevice in the article linked by Steve.

  14. Glad I’m not alone. My iPhone and iPad both say exactly the same as your phone, and my Studio tells me Ventura 13.4.1 (22F82) is up to date. No options appear on any device to install any updates.

  15. Ahh, and now have read @stevemwerner post about it being pulled

  16. I installed 13.4.1a and did not notice any problems. Reading above postings about the security response supposedly being pulled, I checked my access to my financial institution, and noted that it has not been affected. I don’t do any social media crap, so I’m content to wait for a re-release.

  17. Full instructions for removing them are in our previous article.

    I don’t particularly use Safari so I haven’t been perturbed by the problems with the likes of Facebook and whatnot. It feels like browser-sniffing code wasn’t designed to handle the “16.5.2 (a)” version number to me, but perhaps there’s more to it than that.

  18. No updates are on offer for my iPhone, iPad, and Mac Mini.

  19. Ok, thanks for the update.

    I was not aware of this fact, after reading the original article.

  20. Interestingly, I received notice for my iPhone but haven’t for my iPad Mini 6 even though both are on 16.5.1.

    Edit: OK, the Mini 6 updated today, 18 Jul 23.

  21. Yeah, what is going on with Apple not updating Safari 16.2.5 released on Monday for Monterey. I can’t go to 90% of my sites. At work I’ve updated all the Ventura Macs with the (c) fixed update and there working fine but I can’t fix the monterey Macs. There’s been no talk that Safari 16.2.5 for Monterey was broken as well on any of the Mac sites (Appleinsider, 9to5Mac, MacWorld). I’ve been using Chrome in the meantime. Does anyone know if Apple is aware of this issue? I have Time Machine but I can’t roll back Safari.

  22. They did re-post both the Big Sur and Monterey Safari 16.2.5 installers a couple of times this week, most recently on Friday, but if you don’t see it in Software Update then you should be fine. The only problem reported with the Ventura version was with the version number of “16.2.5 (a)”, nothing about the Safari app or WebKit code. If you aren’t having any problems accessing Instagram, WhatsApp or Zoom, then there is no reason to not be using Safari.

  23. My Safari was updated to 16.2.5 on Monday, July 10, 2023 at 9.28 PM and remember I’m on the latest version of Monterey. Since then most of my pages get an error after trying to reload multiple times. See the error below. Here are some of the sites that get the error (CNN, MSNBC, New York Times, Appleinsider, 9to5Mac, InfoWorld, rottentomatoes, and more. Safari is now useless to me and I can’t rollback to the previous version not even from TimeMachine. I don’t know what to do.

  24. Never mind - figured it out.

Join the discussion in the TidBITS Discourse forum


Avatar for ace Avatar for stevemwerner Avatar for Gobit Avatar for aforkosh Avatar for romad Avatar for schinder Avatar for alvarnell Avatar for duanewilliams Avatar for mark4 Avatar for pmvtutor Avatar for ddmiller Avatar for DSchorow Avatar for phillywxguy Avatar for lockebob78 Avatar for maxglitz Avatar for mretondo