iOS 16.2—Why you should implement the next iPhone software right away

Apple’s iOS 16.1.1 has just been released, but the next software version iOS 16.2 is in beta stage. And, judging by the release notes, iOS 16.2 will come with a number of cool new features.

But interestingly, Apple iOS 16.2 could see in action a new feature called Rapid Security Response, which is a way for Apple to apply security updates to your phone on the fly. It was first announced with iOS 16 at Apple’s fall event, but it wasn’t immediately available. That could change, as the iPhone maker just tested Rapid Security Response in the iOS 16.2 beta.

The iPhone manufacturer describes Rapid Security Response on its support page:

“In a future update for iOS 16, iPadOS 16.1, and macOS 13, Apple will add a mechanism to send security patches to users more frequently. These responses are included in any subsequent minor update (not an upgrade) and, on Macs, the update content appears in the Preboot volume (via symlinks in /System/Cryptexes/).

“Fast security responses don’t keep up with the managed software update delay. However, because they only apply to the latest minor OS release, if that minor OS update is delayed, the response is also substantially delayed.”

Apple says that rapid security responses involving the operating system require a device restart. Meanwhile, rapid security responses involving Safari require the user to close the application.

Because automatic updates aren’t as good as they seem

Rapid security updates can’t come soon enough. As I’ve mentioned before, Apple’s automatic security updates don’t arrive very quickly on iPhones. In fact, despite having automatic updates enabled, many iPhone users are left waiting days or weeks for new iOS versions to be released. This means that the only way to ensure that serious security holes are fixed is to manually apply iOS updates.

This is despite the fact that Apple devices are increasingly being targeted by hackers, with multiple security holes patched this year already being used in attacks. Some of these attacks are quite serious and can allow an adversary to gain control of your device.

Apple has explained why automatic updates don’t apply to all iPhones immediately. As I wrote before, Apple likes to wait for any bugs to be resolved before pushing iOS updates to all devices. Also, by ensuring that everyone doesn’t update their iPhones right away, it avoids overloading Apple’s servers every time an iOS upgrade is released.

iOS 16.2—a huge security boost (we hope)

When iOS 16.2 is released, Rapid Security Response should be a huge boost to iPhone security. If it works, it requires virtually no interaction to fix security holes. And let’s be honest, a lot of people don’t have automatic updates turned on.

Independent security researcher Sean Wright says the arrival of rapid response updates in iOS 16.2 is “excellent news”.

“We’ve seen several high-profile vulnerabilities in iOS recently that are supposed to have been exploited in the wild,” Wright says. “Having the means to quickly and easily patch these types of vulnerabilities will greatly help iOS device owners. Plus, since they don’t require a full OS update, they should install faster.”

However, Apple needs to get the quick security response right. “This can help with updates, but if the deployment process/mechanism is still not ‘good and timely’, we’ll still have the same deployment lag issues,” says security consultant Daniel Card.

He points out that Apple’s security information is often sparse, and more details about how serious a vulnerability is, as well as how easy it is to exploit, would help security experts understand how big a problem it is “without confusing the people”.

When it arrives, Rapid Security Response will make things much easier. If it comes with iOS 16.2, it’s definitely a reason to make sure you apply it right away.

Leave a Reply

Your email address will not be published. Required fields are marked *