Rapid Security Responses for iOS/iPadOS 16.5.1 (a) and macOS Ventura 13.4.1 (a)

When are the non-Ventura Macs going to be rescued?

I don’t have one of those systems, but Apple does seem to have a Safari 16.5.2 update for Monterey and Big Sur: About the security content of Safari 16.5.2 - Apple Support

As soon as I restarted after this update, I signed into Facebook which then says it doesn’t recognize Safari and automatically redirects me to the mobile version as a substitute, which looks pretty pitiful on my big Mac screen. No amount of changing the URL back to my traditionally used address will get me back to the OS version of Safari’s Facebook pages.

I see the same thing with Safari. Unfortunately, Safari doesn’t seem to let you lie about what browser you’re using. Facebook still works normally in Brave, though.

Very long time Mac user here. I had the strangest experience after the 13.4.1 (a). When my system rebooted following the update, three of my external drive partitions/volumes mounted in the Finder were renamed “0”.

I’m running Ventura on a 2017 iMac.

One of them, was a Carbon Copy Clone and two of them were Syncthing volumes. Every one of them was a second partition/volumes on an external APFS external drive. Has anyone else had this experience??

You can easily open another installedbrowser on your Mac from the Safari Develop tab. the tab can be enabled via Safari>Settings>Advanced.

The vulnerability in Ventura is with WebKit, which is also replaced by the Safari updates to Monterey and Big Sur, as Doug speculated.

My iPhone is showing version “iOS 16.5.1” not “16.5.1 (a)” and says “iOS is up to date”. It is not giving me an option to install this Rapid Security Response update. What am I missing?

Reported on MacRumors at 9 pm Pacific time on July 10:

" Apple earlier today released new Rapid Security Response updates for iOS 16.5.1, iPadOS 16.5.1, and macOS Ventura 13.4.1 users, but Apple has pulled the software, likely due to an issue that caused certain websites not to work after the RSRs were installed."

Continuing from the MacRumors report…

" According to reports on the MacRumors forums, Facebook, Instagram, WhatsApp, Zoom, and other websites started giving a warning about not being supported on the Safari browser following the Rapid Security Response updates.

The iOS 16.5.1, iPadOS 16.5.1, and ‌macOS Ventura‌ 13.4.1 Rapid Security Response updates fixed a WebKit vulnerability that Apple says may have been actively exploited. Unfortunately, it appears that the updates changed the Safari user agent to include an (a), leading some websites to break.

Apple will likely re-release the RSRs when the issue has been addressed."

I was running a Zoom meeting this evening and ran into that exact problem.

I’ve removed the Rapid Security Response until a new one is released.

How do you remove this Rapid Security Response?

I didn’t have a problem with Zoom (they may have modified their website code since the initial report), but I did have a problem with Facebook-controlled Instagram.com.

Since my passwords are in iCloud, I used Safari Technology Preview. I was able to use the iCloud password manager to retrieve my Instagram login.

MacRumors included a link to instructions for removal from an iDevice in the article linked by Steve.

Glad I’m not alone. My iPhone and iPad both say exactly the same as your phone, and my Studio tells me Ventura 13.4.1 (22F82) is up to date. No options appear on any device to install any updates.

Ahh, and now have read @stevemwerner post about it being pulled

I installed 13.4.1a and did not notice any problems. Reading above postings about the security response supposedly being pulled, I checked my access to my financial institution, and noted that it has not been affected. I don’t do any social media crap, so I’m content to wait for a re-release.

Full instructions for removing them are in our previous article.

I don’t particularly use Safari so I haven’t been perturbed by the problems with the likes of Facebook and whatnot. It feels like browser-sniffing code wasn’t designed to handle the “16.5.2 (a)” version number to me, but perhaps there’s more to it than that.

No updates are on offer for my iPhone, iPad, and Mac Mini.

Ok, thanks for the update.

I was not aware of this fact, after reading the original article.

Interestingly, I received notice for my iPhone but haven’t for my iPad Mini 6 even though both are on 16.5.1.

Edit: OK, the Mini 6 updated today, 18 Jul 23.

Yeah, what is going on with Apple not updating Safari 16.2.5 released on Monday for Monterey. I can’t go to 90% of my sites. At work I’ve updated all the Ventura Macs with the (c) fixed update and there working fine but I can’t fix the monterey Macs. There’s been no talk that Safari 16.2.5 for Monterey was broken as well on any of the Mac sites (Appleinsider, 9to5Mac, MacWorld). I’ve been using Chrome in the meantime. Does anyone know if Apple is aware of this issue? I have Time Machine but I can’t roll back Safari.

They did re-post both the Big Sur and Monterey Safari 16.2.5 installers a couple of times this week, most recently on Friday, but if you don’t see it in Software Update then you should be fine. The only problem reported with the Ventura version was with the version number of “16.2.5 (a)”, nothing about the Safari app or WebKit code. If you aren’t having any problems accessing Instagram, WhatsApp or Zoom, then there is no reason to not be using Safari.

My Safari was updated to 16.2.5 on Monday, July 10, 2023 at 9.28 PM and remember I’m on the latest version of Monterey. Since then most of my pages get an error after trying to reload multiple times. See the error below. Here are some of the sites that get the error (CNN, MSNBC, New York Times, Appleinsider, 9to5Mac, InfoWorld, rottentomatoes, and more. Safari is now useless to me and I can’t rollback to the previous version not even from TimeMachine. I don’t know what to do.

Never mind - figured it out.