惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
W
WeLiveSecurity
O
OpenAI News
N
News and Events Feed by Topic
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Webroot Blog
Webroot Blog
Google Online Security Blog
Google Online Security Blog
云风的 BLOG
云风的 BLOG
N
News | PayPal Newsroom
H
Hacker News: Front Page
博客园_首页
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
The Last Watchdog
The Last Watchdog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
H
Heimdal Security Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
S
Schneier on Security
宝玉的分享
宝玉的分享
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Y
Y Combinator Blog
Cyberwarzone
Cyberwarzone
Microsoft Security Blog
Microsoft Security Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
GbyAI
GbyAI
Cloudbric
Cloudbric
TaoSecurity Blog
TaoSecurity Blog
人人都是产品经理
人人都是产品经理
P
Palo Alto Networks Blog
M
MIT News - Artificial intelligence
G
GRAHAM CLULEY
C
Check Point Blog
Apple Machine Learning Research
Apple Machine Learning Research
Last Week in AI
Last Week in AI
T
Troy Hunt's Blog
L
Lohrmann on Cybersecurity
www.infosecurity-magazine.com
www.infosecurity-magazine.com
P
Proofpoint News Feed
Blog — PlanetScale
Blog — PlanetScale
量子位
博客园 - 聂微东
S
Securelist
博客园 - 三生石上(FineUI控件)
F
Full Disclosure
G
Google Developers Blog
L
LINUX DO - 热门话题
P
Proofpoint News Feed
AI
AI
PCI Perspectives
PCI Perspectives

Addigy

Apple Business Update Overview for MSPs | Addigy Which SSO Solution Is Right for Your Apple Devices? Addigy Partner Program for Apple Resellers & Distributors Addigy Identity: New Apple Login Solutions for MSPs & IT Siri Grows Up: What WWDC 2026 Means for Apple Device Admins What is AppleSeed and why should you join it? How to get Apple OS releases early The Mac Endpoint Security Problem: Why Cross-Platform EDR Falls Short on macOS Kandji Is Now Iru — and Just Launched an MSP Program. Here’s What That Means for Your Apple Practice. Before the Bell: A K-12 IT Leader’s Checklist for Apple Device Management Before Budget Season Closes Is Apple MDM actually worth it? Calculating Apple MDM ROI Apple Device Hardening in an AI-Driven Threat Landscape: How IT teams can respond Simplify Compliance and Enhance Security with Addigy Why Apple Devices Are Harder to Manage Than You Think How Windows IT Teams Can Be Successful with Apple at Work Accessibility Update - Spring 2026: Form Elements | Addigy Declaration Configuration Objects Apple MDM Starter Kit: Your First 30 Days to Zero‑Touch Prebuilt Apps Now in Addigy Assist: Zero-Touch Onboarding 3 Ways MSPs Can Scale Secure Apple Management (Without Scaling Headcount) Manage Apple Devices by Employee vs Serial Number The Benefits of Remote Device Management | Key Strategies for IT Teams 9 Reasons to Switch Your Mac MDM: Why IT Teams Choose Apple‑First Platforms 3 Mac troubleshooting tools your MSP techs need How to Manage Claude Code Policies at Scale with Addigy Provisioning vs Deployment in Apple MDM Explained Randomized MAC Addresses: What IT Admins Need to Know
Apple’s First Background Security Improvement (BSI) for macOS, iOS, & iPad: What IT Admins Need to Know
Nicolas Ponce · 2026-03-18 · via Addigy

Apple today shipped its first-ever Background Security Improvement (BSI) — a new, lightweight security patching mechanism that replaces the old Rapid Security Response (RSR) system, which was discontinued in 2023. The update patches a WebKit vulnerability affecting Safari on Macs, iPhones, and iPads, and it does so without requiring a full OS restart. 

If you manage Apple devices, here’s everything you need to know, and how to push it to your fleet right now.

What Happened

Apple issued a security advisory disclosing a bug in WebKit, the browser engine that powers Safari and a wide range of other apps. The flaw, if exploited, could allow a malicious website to access data from a different website open in the same browser session — a category of attack known as cross-site data access.

The fix was released not as a traditional OS update, but as a lightweight delivery mechanism called a Background Security Improvement (formerly Rapid Security Response or RSR). On macOS Tahoe, the update is identified as BSI (a)-25D771280a, and it bumps Safari from version 26.3.1 (21623.2.7.11.7) to 26.3.1 (21623.2.7.111.2). On iPhones and iPads, the update similarly identifies as iOS/iPadOS 26.3.1 (a).

What Makes BSIs Different from Traditional OS Updates

Background Security Improvements are Apple’s answer to a core challenge in software security: how do you get critical fixes to users quickly, without the friction of a full OS update?

Traditional OS updates are heavyweight — they require large downloads, reboots, and often get deferred by users for days or weeks. BSIs are designed to cut through that. Apple describes them as “lightweight” patches aimed at specific components like Safari, WebKit, and key system libraries that benefit from rapid, targeted maintenance.

This is actually a rebranding of a familiar concept. RSR (Rapid Security Response) was Apple’s original version of this mechanism, last used in 2023 with macOS 13. With the release of OS 26, Apple retired the RSR name in favor of Background Security Improvements — same idea, new name, and now making its debut.

Important prerequisite: BSIs are available on devices running iOS, iPadOS, and macOS 26.3.1 only. Devices cannot jump straight from, say, 26.2.0 to the 26.3.1 (a) BSI patch — they must first install the base OS 26.3.1 update. For manual installs, the BSI can be found under Privacy & Security settings → Background Security Improvements.

macOS System Settings showing the Background Security Improvements panel under Privacy & Security, with an arrow pointing to a notice that the setting is managed by the organization.

The Vulnerability

The bug lives in WebKit and relates to cross-site data access — a category of vulnerability that could let a malicious site read data from another site you have open in Safari simultaneously. Apple has not indicated this vulnerability is being actively exploited in the wild.

That said, browser engine vulnerabilities are a perpetual target for attackers, and the speed with which Apple deployed a fix — using this brand-new delivery system — signals the company considers it a meaningful priority.

How to Deploy the BSI via Addigy

Option 1: Install via Automatic Actions

If you configure the Update Settings Declaration with Automatic Actions, it will push to macOS 26.3.1+ devices in your policy settings and automatically install the BSI once the deferral period has elapsed. Updates install when devices meet state of charge, free space, and user inactivity criteria.

Addigy MDM settings panel for "Auto Install Updates via Device AI," showing configuration options for notification preferences, user update permissions, Background Security Improvement settings, deferral periods, and automatic actions — with arrows highlighting key settings.

Once configured, you’ll see the Privacy & Security → Background Security Improvements section marked as managed — auto-install is enforced and cannot be modified by the end user.

macOS System Settings showing the Background Security Improvements panel under Privacy & Security, with an arrow pointing to a notice that the setting is managed by the organization.

Option 2: Install via MacManage Prompt

Shoutout to Addigy Community member Tyler Williams, who put together a script to prompt end users about the latest macOS security update using the built-in MacManage (Self Service) tool.

Find it in the Addigy Community here: https://app.addigy.com/community/scripts/69b9d95cf6fc47c1ce2ae956

When run, end users see a prompt letting them know a security update is required, and it opens the System Preferences pane so they can initiate the update themselves.

A macOS dialog box from Addigy prompting the user to accept and install the macOS 26.3.1 (a) Critical Security Response Update, with a 295-second countdown before the window closes automatically.

Stay Ahead of Apple’s Security Cadence

BSIs are a signal that Apple is accelerating how fast it can ship security fixes — which means the window between patch release and potential exploitation is narrowing. Having an MDM strategy that automates deployment the moment these updates drop isn’t just convenient, it’s becoming a security baseline.

Not managing Apple security updates centrally yet? See Addigy in action for how fast you can get patches like this across your entire fleet.

Frequently Asked Questions

Do BSIs require a restart?

No — that’s one of the key advantages. Background Security Improvements are designed to apply without a full system reboot, reducing disruption for end users and increasing the likelihood of fast, fleet-wide adoption.

What's the difference between a BSI and a regular macOS update?

Regular OS updates are comprehensive — they update the full system and always require a restart. BSIs are surgical: they patch specific, high-priority components like WebKit or Safari and can be applied in the background with minimal disruption.

What happened to Rapid Security Response (RSR)?

RSR was Apple’s previous version of this concept, last deployed in 2023 with macOS 13. With the release of OS 26, Apple retired the RSR name and replaced it with Background Security Improvements. Same core idea, new branding.

Is this vulnerability actively being exploited?

Apple has not indicated active exploitation in the wild as of this writing. That said, WebKit vulnerabilities are a high-value target, and patching quickly is always the right call.