Apple lets you remove automatically installed iPhone security patches in iOS 16

Apple now allows users to remove any iPhone security patches that were automatically installed by iOS 16’s security quick response system.

• What is happening? Apple has acknowledged that users can uninstall any security patches installed by the new Rapid Security Response feature in iOS 16.
• Why care? Sometimes the app you use the most won’t work after a quick security response, or you might need to test something before installing a fix. Well, now you can roll back iPhone security patches!
• What to do? Don’t touch this feature unless you know what you’re doing.

You can now remove iPhone security patches

Apple has updated its support document to confirm that it is now possible to manually remove any security patches for critical exploits that were automatically installed by the iOS 16 Security Rapid Response system.

From Settings → General → About, tap iOS Version and then select Remove Security Update. If you don’t see this option, quick security fixes aren’t installed. You can also reinstall any removed Quick Response Tools later.

But when said patch becomes part of a standard iOS software update, it is permanently installed and cannot be removed.

What is the iOS 16 security quick response feature?

Rapid Security Response is a feature in iOS 16, iPadOS 16, and macOS Ventura that allows Apple to release security patches for critical vulnerabilities without completely updating your iPhone. The goal is to provide critical fixes before they become part of other improvements in a future software update.

This allows Apple to continue to release security updates for older operating systems (a good example is iOS 15.7, the bug fix update that came with iOS 16).

How to Get Quick Security Responses on iPhone

You can automatically receive Quick Security Responses on your iPhone if you go to Settings → General → Software Update → Automatic Updates and make sure “Security Responses & System Files”is turned on.

This will ensure that any security quick responses and system files are automatically downloaded and installed on your iPhone and supported accessories.

If you disable Rapid Security Responses automatic updates, you can manually install these security patches in Settings → General → Software Update.

Some security patches may require you to restart your device to complete the installation. Apple notes that certain system files will always install automatically even if Quick Security Responses is disabled, but doesn’t specify which ones.

This feature is also present in iPadOS 16 and macOS Ventura. However, these updates won’t roll out until October, which is why Apple’s support document doesn’t mention them at this time. Read: Tips on how to secure your iPhone

Why You Shouldn’t Uninstall iPhone Security Patches

By separating security patches from standard iOS releases, Apple can respond much faster to protect the privacy and security of its customers. Let’s say iOS has a new zero-day exploit that is widely used to attack unsuspecting iPhone users.

Once Apple creates a solution to fix the vulnerability, it can automatically install it on all devices with Rapid Security Response enabled. Previously, people had to wait until a patch was implemented in a future iOS software update, leaving them open to exploits.

The vast majority of regular users should leave iPhone automatic fixes enabled by default. Otherwise, you will need to wait for full iOS updates to get the fixes. It goes without saying that no one should remove the security patch installed by Rapid Security Response iOS 16 unless they have a very good reason to do so.

If you are an application developer, you will benefit from testing your software with various security patches installed. Another example would be certain business applications and management tools. Apart from these edge cases, everyone should just enable quick security fixes on their iPhone and be done with it.