Apple is blocking the RSR update the company sent to iPhone, iPad and Mac yesterday. The update served to fix a zero-day in WebKit but caused problems downloading websites. Apple products are left vulnerable in the meantime.
Apple further adds to its explanation of the issued Rapid Security Response (RSR) update. “Apple is aware of an issue where this Rapid Security Response might prevent some websites from displaying properly.”
Devices remain vulnerable
Regarding security, it is wiser to close the zero-day, but the tech giant opted to withdraw the update. According to the report, a follow-up update affecting iPhone, iPad and Mac is coming soon.
Apple devices remain vulnerable to a WebKit zero-day in the meantime. The flaw allows hackers to force Apple devices to execute arbitrary code. This allows the hacker to infect the device remotely.
There are suspicions that hackers are actively exploiting the vulnerability. That prompted the tech giant to implement the patch via an RSR update, instead of waiting until a major software update will be released. So the urgency of the situation is certainly known to Apple.
Update not automatically removed
For those who already installed the update following an alert message on their Apple product, Apple provides instructions to manually uninstall the update: “You can choose to remove Rapid Security Response (a): In Settings > About > iOS Version, tap “Remove Security Response.” Then tap Remove to confirm.”