Support for RSRs on macOS

macadmins / osquery-extension

An osquery extension for endpoint engineers

Apache License 2.0

97 stars 32 forks source link

Support for RSRs on macOS #31

Closed grahamgilbert closed 1 year ago

grahamgilbert commented 1 year ago

osquery> select * from macos_rsr;
+-------------+---------------+--------------------+---------------+
| rsr_version | macos_version | full_macos_version | rsr_supported |
+-------------+---------------+--------------------+---------------+
| (a)         | 13.3.1        | 13.3.1 (a)         | true          |

erikng commented 1 year ago

What does rsr supported mean in this context?

Oneiroi commented 1 year ago

For posterity in relation to @erikng 's question above (as this may in the future show up in a search result);

RSR = "Rapid Security Response"

This first occurred with macOS version 13.3.1 applying RSR version 'a' ;

the intent from Apple here is to be able to push out security releases separate to the normal update flow carrying improvements and bugfixes for macOS, further information w.r.t RSR's can be found on this page (hopefully some reader in the future will find this useful).

Oneiroi commented 1 year ago

13.4.1a has been withdrawn 13.4.1b is to be released "soon"