Saturday, 8 March 2025

Apple Rapid Security Response and Intune

Back to main macOS page

Rapid Security Responses (RSR) are a type of software release for iPhone, iPad, and MacOS devices. They deliver important security improvements between major software updates. They can also be used to mitigate some security issues more quickly. Rapid Security Responses are supported for versions starting with iOS 16.4.1, iPadOS 16.4.1, and macOS 13.3.1.

By default, Apple devices automatically apply Rapid Security Responses. Users may be prompted to restart their device.


iPhone or iPad: Go to Settings > General > Software Update > Automatic Updates, you should see that "Security Responses & System Files" is turned on. This is from my iOS 18.3.1 device.

Mac: Choose Apple menu > System Settings. Click General in the sidebar, then click Software Update on the right. Click the Show Detail button next to Automatic Updates, you should see that "Install Security Responses and system files" is turned on.

When a Rapid Security Response has been applied, a letter appears after the software version number, for example, macOS 13.3.1 became 13.3.1 (a) after the first RSR was applied, then (b) etc. Build numbers is a bit more complicated. The build number for macOS 13.3.1 is 22E261 but 13.3.1 (a) is 22E772610a. You need to know the build number if you will be configuring Intune policies.

So what can we configure with Intune? Remember RSR is enabled by default.

Settings catalog

Some configurations are available via the Settings Catalog and are identical for iOS and macOS.

Settings are available in two categories:


Restrictions:

  • Allow Rapid Security Response Installation - if 'false', Rapid Security Response will be disabled
  • Allow Rapid Security Response Removal - if 'false', users are unable to remove the Rapid Security Response option.

Declarative Device Management preview Software Update Settings:

  • Enable - if 'false', Rapid Security Responses are not offered for user installation. If 'true', Rapid Security Responses are offered to the user.
  • Enable Rollback - if 'false', Rapid Security Response rollbacks are not offered to the user. If 'true', Rapid Security Response rollbacks are offered to the user.

Compliance

You can configure an Apple Rapid Security Response update as the minimum OS build in an Intune compliance policy, for use with conditional access. 


Enter the supplemental build version. For example, 22E772610a is macOS 13.3.1 (a). Note that this had some teething problems when first released as the version wasn't detected correctly and conditional access blocked compliant devices. 

I hope this helps you to understand Apple Rapid Security Responses and what you can configure in Intune. Until next time...... 


Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)