惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

The Register - Security
The Register - Security
云风的 BLOG
云风的 BLOG
U
Unit 42
F
Fortinet All Blogs
The GitHub Blog
The GitHub Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
D
Docker
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
S
Secure Thoughts
Hacker News: Ask HN
Hacker News: Ask HN
Vercel News
Vercel News
S
Security @ Cisco Blogs
GbyAI
GbyAI
Stack Overflow Blog
Stack Overflow Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
I
Intezer
MongoDB | Blog
MongoDB | Blog
AI
AI
MyScale Blog
MyScale Blog
Engineering at Meta
Engineering at Meta
Y
Y Combinator Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
P
Proofpoint News Feed
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
W
WeLiveSecurity
博客园 - 叶小钗
S
SegmentFault 最新的问题
N
News | PayPal Newsroom
WordPress大学
WordPress大学
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
D
DataBreaches.Net
小众软件
小众软件
Microsoft Azure Blog
Microsoft Azure Blog
Spread Privacy
Spread Privacy
H
Help Net Security
美团技术团队
博客园 - 司徒正美
T
Threat Research - Cisco Blogs
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
K
Kaspersky official blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
V
Vulnerabilities – Threatpost
TaoSecurity Blog
TaoSecurity Blog
N
Netflix TechBlog - Medium
L
Lohrmann on Cybersecurity
J
Java Code Geeks
量子位
Martin Fowler
Martin Fowler
博客园_首页

Addigy

Apple Business Update Overview for MSPs | Addigy Which SSO Solution Is Right for Your Apple Devices? Addigy Partner Program for Apple Resellers & Distributors Addigy Identity: New Apple Login Solutions for MSPs & IT Siri Grows Up: What WWDC 2026 Means for Apple Device Admins What is AppleSeed and why should you join it? How to get Apple OS releases early The Mac Endpoint Security Problem: Why Cross-Platform EDR Falls Short on macOS Kandji Is Now Iru — and Just Launched an MSP Program. Here’s What That Means for Your Apple Practice. Before the Bell: A K-12 IT Leader’s Checklist for Apple Device Management Before Budget Season Closes Is Apple MDM actually worth it? Calculating Apple MDM ROI Apple Device Hardening in an AI-Driven Threat Landscape: How IT teams can respond Simplify Compliance and Enhance Security with Addigy Why Apple Devices Are Harder to Manage Than You Think How Windows IT Teams Can Be Successful with Apple at Work Accessibility Update - Spring 2026: Form Elements | Addigy Declaration Configuration Objects Apple MDM Starter Kit: Your First 30 Days to Zero‑Touch Prebuilt Apps Now in Addigy Assist: Zero-Touch Onboarding 3 Ways MSPs Can Scale Secure Apple Management (Without Scaling Headcount) Manage Apple Devices by Employee vs Serial Number The Benefits of Remote Device Management | Key Strategies for IT Teams 9 Reasons to Switch Your Mac MDM: Why IT Teams Choose Apple‑First Platforms 3 Mac troubleshooting tools your MSP techs need How to Manage Claude Code Policies at Scale with Addigy Provisioning vs Deployment in Apple MDM Explained Randomized MAC Addresses: What IT Admins Need to Know
Apple’s First Background Security Improvement (BSI) for macOS, iOS, & iPad: What IT Admins Need to Know
Nicolas Ponce · 2026-03-18 · via Addigy

Apple today shipped its first-ever Background Security Improvement (BSI) — a new, lightweight security patching mechanism that replaces the old Rapid Security Response (RSR) system, which was discontinued in 2023. The update patches a WebKit vulnerability affecting Safari on Macs, iPhones, and iPads, and it does so without requiring a full OS restart. 

If you manage Apple devices, here’s everything you need to know, and how to push it to your fleet right now.

What Happened

Apple issued a security advisory disclosing a bug in WebKit, the browser engine that powers Safari and a wide range of other apps. The flaw, if exploited, could allow a malicious website to access data from a different website open in the same browser session — a category of attack known as cross-site data access.

The fix was released not as a traditional OS update, but as a lightweight delivery mechanism called a Background Security Improvement (formerly Rapid Security Response or RSR). On macOS Tahoe, the update is identified as BSI (a)-25D771280a, and it bumps Safari from version 26.3.1 (21623.2.7.11.7) to 26.3.1 (21623.2.7.111.2). On iPhones and iPads, the update similarly identifies as iOS/iPadOS 26.3.1 (a).

What Makes BSIs Different from Traditional OS Updates

Background Security Improvements are Apple’s answer to a core challenge in software security: how do you get critical fixes to users quickly, without the friction of a full OS update?

Traditional OS updates are heavyweight — they require large downloads, reboots, and often get deferred by users for days or weeks. BSIs are designed to cut through that. Apple describes them as “lightweight” patches aimed at specific components like Safari, WebKit, and key system libraries that benefit from rapid, targeted maintenance.

This is actually a rebranding of a familiar concept. RSR (Rapid Security Response) was Apple’s original version of this mechanism, last used in 2023 with macOS 13. With the release of OS 26, Apple retired the RSR name in favor of Background Security Improvements — same idea, new name, and now making its debut.

Important prerequisite: BSIs are available on devices running iOS, iPadOS, and macOS 26.3.1 only. Devices cannot jump straight from, say, 26.2.0 to the 26.3.1 (a) BSI patch — they must first install the base OS 26.3.1 update. For manual installs, the BSI can be found under Privacy & Security settings → Background Security Improvements.

macOS System Settings showing the Background Security Improvements panel under Privacy & Security, with an arrow pointing to a notice that the setting is managed by the organization.

The Vulnerability

The bug lives in WebKit and relates to cross-site data access — a category of vulnerability that could let a malicious site read data from another site you have open in Safari simultaneously. Apple has not indicated this vulnerability is being actively exploited in the wild.

That said, browser engine vulnerabilities are a perpetual target for attackers, and the speed with which Apple deployed a fix — using this brand-new delivery system — signals the company considers it a meaningful priority.

How to Deploy the BSI via Addigy

Option 1: Install via Automatic Actions

If you configure the Update Settings Declaration with Automatic Actions, it will push to macOS 26.3.1+ devices in your policy settings and automatically install the BSI once the deferral period has elapsed. Updates install when devices meet state of charge, free space, and user inactivity criteria.

Addigy MDM settings panel for "Auto Install Updates via Device AI," showing configuration options for notification preferences, user update permissions, Background Security Improvement settings, deferral periods, and automatic actions — with arrows highlighting key settings.

Once configured, you’ll see the Privacy & Security → Background Security Improvements section marked as managed — auto-install is enforced and cannot be modified by the end user.

macOS System Settings showing the Background Security Improvements panel under Privacy & Security, with an arrow pointing to a notice that the setting is managed by the organization.

Option 2: Install via MacManage Prompt

Shoutout to Addigy Community member Tyler Williams, who put together a script to prompt end users about the latest macOS security update using the built-in MacManage (Self Service) tool.

Find it in the Addigy Community here: https://app.addigy.com/community/scripts/69b9d95cf6fc47c1ce2ae956

When run, end users see a prompt letting them know a security update is required, and it opens the System Preferences pane so they can initiate the update themselves.

A macOS dialog box from Addigy prompting the user to accept and install the macOS 26.3.1 (a) Critical Security Response Update, with a 295-second countdown before the window closes automatically.

Stay Ahead of Apple’s Security Cadence

BSIs are a signal that Apple is accelerating how fast it can ship security fixes — which means the window between patch release and potential exploitation is narrowing. Having an MDM strategy that automates deployment the moment these updates drop isn’t just convenient, it’s becoming a security baseline.

Not managing Apple security updates centrally yet? See Addigy in action for how fast you can get patches like this across your entire fleet.

Frequently Asked Questions

Do BSIs require a restart?

No — that’s one of the key advantages. Background Security Improvements are designed to apply without a full system reboot, reducing disruption for end users and increasing the likelihood of fast, fleet-wide adoption.

What's the difference between a BSI and a regular macOS update?

Regular OS updates are comprehensive — they update the full system and always require a restart. BSIs are surgical: they patch specific, high-priority components like WebKit or Safari and can be applied in the background with minimal disruption.

What happened to Rapid Security Response (RSR)?

RSR was Apple’s previous version of this concept, last deployed in 2023 with macOS 13. With the release of OS 26, Apple retired the RSR name and replaced it with Background Security Improvements. Same core idea, new branding.

Is this vulnerability actively being exploited?

Apple has not indicated active exploitation in the wild as of this writing. That said, WebKit vulnerabilities are a high-value target, and patching quickly is always the right call.