Posted on 03-02-2023 07:46 AM
With the announcement of the latest zero day, how is everyone going about upgrading there fleet? I have a policy to delay MacOS Minor Version for 30Days, Would that not delay our users receving this new update? or does enabling the box "Allow devices to install Rapid Security Responses (macOS 13 or later) " allow this to happen?
Curious to know how everyone else is handling it. Worse case scenario I can remove the Delay 30 days policy upgrade and put the 30 days back into place.
Posted on 03-02-2023 09:43 AM
13.2.1 isn't a rapid security response update. You would have to remove your 30 day deferral or wait until 03/13/2023 to deploy the update. Be warned that there are multiple reports of users being booted to recovery for this update (13.2.1) . I'm currently waiting for the release of 13.3.
Posted on 03-02-2023 11:45 AM
well 13.2.1 was released on 13th Feb, so not long before your 30 days is up anyway
Posted on 03-03-2023 09:14 AM
My approach is to update.
I started by updating a beta group of about 10% of the fleet and used that to find any bugs we needed to work out fleet-wide before expanding.
Once workflow bugs were identified and addressed I pushed the updated fleet-wide.
One bug that is still annoying is how the display setting reverts to default after the update.
For that reason we use this canned reply in our help desk when folks write tickets reporting that their external display broke after updating;
"Check to make sure that your laptop display settings are set to extend or mirrored. Most folks like mirrored for simplicity."
I used nudge to trigger erase install with stander users. Following this workflow.
I hope that helps! ~ B