The company's MDM Watchdog Utility monitors the MDM framework on devices and automatically forces the installation of software patches when they have not been put in place. Enterprise admins handling fleets of Macs take note: there’s a new security management tool from Apple device management firm Addigy. The MDM Watchdog Utility monitors the MDM framework on devices and automatically forces software patches to be installed if they’re not already in place. This is designed to help solve a specific problem in which some (not all) managed Macs do not properly install Apple’s Rapid Security Response updates. When security isn’t In today’s fast-moving threat environment, Apple has introduced Rapid Security Response (RSR) as a key front line against new threats. The defense is intended to be distributed and installed across Apple’s platforms as swiftly as possible once new threats are identified. The idea is that by expediting distribution and making installation a quicker process, it will be easier to maintain security across Mac fleets. That’s important as the scale of Apple deployments grows and enterprises move to support employee choice. But that defense is obviously less useful when managed Macs fail to properly install them. Citing its own research, Addigy claims as many as 25% of macOS devices in managed environments could be affected by the issue. Rather than upgrading their defenses, they remain in a “stuck state” after an update is pushed, and the update is never implemented. Time makes fools of us all To make matters worse, the company claims, there is no way for IT departments to know which machines are not implementing RSR updates without manually inspecting them. And, of course, it suggests other MDM functions will also be stalled. That’s not good. “MDM Watchdog monitors the MDM framework on devices and automatically remediates those in which the condition was found,” Addigy said. To achieve this, the tool automatically monitors devices to ensure they are in a healthy state and communicating properly so they act on instructions sent by IT admins (such as when applying an emergency security patch like the RSR update). What’s the underlying problem? Providing a little more insight into the nature of the flaw, Addigy claims the updates aren’t being implemented because in some cases the MDM client binary “gets stuck after executing the OSUpdateScan command” and stops communicating with the Apple MDM Framework. When that happens, later MDM actions may not be acted on or may be delayed. “The stuck state condition we discovered within our customers’ environments affects one out of every four devices, so the impact to macOS environments in any enterprise is likely the same,” Addigy CEO Jason Dettbarn said in a statement. “We are committed to keeping our customers’ macOS devices secure. The MDM Watchdog utility is a critical tool to ensure all of our customers’ devices are automatically updated with the latest RSR and every future update.” The tool is available now to Addigy clients and will be released as a utility for Macs using other MDM services in future, the company said. Meanwhile, Addigy recommends IT staffers verify that Macs in their fleet have installed the update. Optimistically, it seems likely that Apple itself will find a platform-based solution to this problem, probably involving tweaks to the OSUpdateScan APIs it provides to device management vendors in order to improve process reliability. Please follow me on Twitter, or join me in the AppleHolic’s bar & grill and secur groups on MeWe. Related content news analysis Apple earnings: About that iPhone 'slump' in China Based on information from Thursday's earnings report, it seems that data pointing to an iPhone slump in China were over-baked. By Jonny Evans May 03, 2024 9 mins iMac iPhone Apple news analysis Apple confirms it will open up the iPad in Europe this fall The latest efforts to comply with Europe’s Digital Markets Act mean developers can offer to side load apps to both iPhones and iPads in the EU. Apple has also taken steps to improve what it offers to smaller and non-commercial developers in the By Jonny Evans May 02, 2024 6 mins iPad Apple Mobile Apps news Mosyle and Fleet bring new device management options to Apple enterprise Apple's growing enterprise market share is generating tons of opportunity for the company's partners in the device management market. Their approaches reflect the diversity of use. By Jonny Evans May 01, 2024 4 mins Apple Mobile Device Management Mobile Security feature Apple is intensely focused on its global AI efforts When the ship that is Apple moves in any direction, you can always count on careless whispers to expose the destination. From research labs to sophisticated AI models and Apple Silicon for server farms, here's what we've learned in just one By Jonny Evans Apr 30, 2024 6 mins Apple Artificial Intelligence Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe