Addigy exposes RSR updates gap in 25% of managed macOS devices
Addigy exposes RSR updates gap in 2Your email has been sent
Addigy released a report that Apple RSR updates are not being deployed in about 25% of macOS devices within managed environments. Learn about the root cause of this Apple security issue and possible ways to mitigate it.
Addigy, makers of mobile device management software MDM Watchdog, released a report today stating that Apple Rapid Security Response updates are not being deployed in about 25% of macOS devices within managed environments.
Jump to:
Rapid Security Response updates are a recent addition to Apple’s security update strategy for iPhone, iPad and Mac devices. These updates deliver essential security patches between regular software updates and ensure the swift delivery of security updates to devices that run on iOS, iPadOS and macOS.
While this strategy is billed to surpass the traditional software update process in terms of speed and efficiency, Addigy has found an unusual scenario that calls for concern.
In this latest discovery, Addigy noted that some macOS devices failed to apply the RSR update after an update was pushed, ending up in what the company labeled the “stuck state.”
During Addigy’s research, the company discovered the implementation of RSR was not running as intended. Addigy identified that the MDM client binary becomes unresponsive after executing the OSUpdateScan command, causing it to stop communicating with the Apple MDM Framework. Consequently, the unresponsiveness of the MDM client on a device leads to delays in executing necessary MDM actions, potentially creating vulnerabilities and impacting device security.
It’s particularly concerning that MDM vendors have no way to identify which machines are not implementing the RSR updates unless they manually examine each device and enable the update. Relying on this manual approach shows that several MDM vendors were unprepared when Apple released the RSR updates a couple of weeks ago.
“Very few MDM vendors were prepared for RSR updates when it was released, and not many vendors have the additional capabilities for more granularly means of deploying the RSR process for users and devices,” Addigy founder and CEO Jason Dettbarn noted.
Apple released its first and only batch of RSR updates early this month. The release was intended to be delivered for the latest versions of macOS, iOS and iPadOS. So by default, Apple devices running on the latest versions of these OSs are expected to be affected. However, according to Addigy’s research, this issue affects only a quarter of all MDM-managed macOS environments.
SEE: Gain support from TechRepublic’s macOS community forums.
As a result, all MDM vendors and Apple users running the latest macOS are advised to audit their environments to ensure the crucial RSR update is successfully deployed to every eligible device.
This news has many implications for MDM vendors. For instance, a recent Microsoft threat intelligence report showed how new attack vectors credited to QuaDream spyware makers exploited previously unknown vulnerabilities in Apple’s software; Apple MDM vendors will need to up their game to ensure security updates are not only applied correctly in the devices they manage but also on time.
In addition, customers rely on MDM vendors to ensure the security and integrity of their devices and data. By not implementing these RSR updates in a timely manner, users are left exposed to security risks that could compromise the integrity and privacy of their data.
If MDM vendors consistently fail to implement security updates, it can erode customer trust and confidence in their services, which could lead to reputational damage, loss of business and decreased customer loyalty.
TechRepublic provides a list of six MDM solutions worth checking out. Three of the solutions included are Citrix Endpoint Management, Microsoft InTune and Jamf Pro.
Also, Addigy is introducing a new utility called MDM Watchdog to its customers in order to guarantee the successful implementation of RSR updates across all machines. MDM Watchdog is designed to monitor the MDM framework on devices and take corrective actions for devices that do not meet the required conditions.
In addition, MDM vendors can take these steps to resolve issues relating to updates not being correctly installed on macOS, iOS or iPadOS devices:
If the issue persists, MDM vendors can suggest restarting the devices or asking users to manually check for updates and install them.
Whether you want iPhone and Mac tips or the latest enterprise-specific Apple news, we’ve got you covered.
Addigy exposes RSR updates gap in 25% of managed macOS devices
Your email has been sent
Your message has been sent
TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.
Get up and running with ChatGPT with this comprehensive cheat sheet. Learn everything from how to sign up for free to enterprise use cases, and start using ChatGPT quickly and effectively.
Get the most out of your payroll budget with these free, open source payroll software options. We’ve evaluated the top eight options, giving you the information you need to make the right choice.
We highlight some of the best certifications for DevOps engineers. Learn more about DevOps certifications.
With so many project management software options to choose from, it can seem daunting to find the right one for your projects or company. We’ve narrowed them down to these ten.
This Microsoft PowerToys app simplifies the process of visualizing and modifying the contents of the standard Windows Registry file.
Whether you want iPhone and Mac tips or the latest enterprise-specific Apple news, we’ve got you covered.
PURPOSE Onboarding and offboarding employees requires careful attention. Otherwise, team members may receive insufficient permissions to perform their jobs or continue to have access long after their employment’s termination. Given the stakes, the problem is even worse when managing IT staff permissions, so it’s imperative that your company adopts a system to ensure consistency. Employees, …
PURPOSE TechRepublic Premium presents 10 tips for the Firefox open-source browser. Even if you only follow some of these, you’ll find your browser experience to be much improved. From the article: 1. USE CAUTION WITH ADD-ONS AND THEMES This is one of the first tips I always offer. I’ve seen web browsers with so many …
PURPOSE The purpose of this Bring your own device policy from TechRepublic Premium is to provide requirements for BYOD usage and establish the steps that both users and the IT department should follow to initialize, support and remove devices from company access. These requirements must be followed as documented in order to protect company systems …
PURPOSE Whether due to budget cuts or performance, letting staff go is sometimes a necessity. There are many steps and considerations HR managers need to navigate when it comes to employment termination. Enlisting an employee termination checklist, like this one from TechRepublic Premium, can help supervisors, managers and HR put in place best practices and …
source