Apple re-releases zero-day patch after fixing browsing issue

Apple fixed and re-released emergency security updates addressing a WebKit zero-day vulnerability exploited in attacks. The initial patches had to be withdrawn on July 10th due to browsing issues on certain websites.

"Apple is aware of an issue where recent Rapid Security Responses might prevent some websites from displaying properly," Apple said on July 11th.

The company added it would soon release fixed versions of the buggy updates and advised customers to remove them if they were experiencing issues while browsing the web after updating.

While Apple did not share why some websites were prevented from rendering correctly after installing the iOS 16.5.1 (a), iPadOS 16.5.1 (a), and macOS 13.4.1 (a) updates, this likely happened because the new Safari user agent containing an "(a)" string prevented websites from detecting it as a valid version of Safari, causing it to display "browser not supported" error messages.

On July 12th, Apple started pushing iOS 16.5.1 (c), iPadOS 16.5.1 (c), and macOS 13.4.1 (c) Security Response updates that address the web browsing issues.

Apple uses RSR patches to address security issues impacting iPhone, iPad, and Mac devices and to quickly patch vulnerabilities actively exploited in attacks between major OS releases.



Fixed macOS Security Response update (BleepingComputer)