Help

Safari Patching

tdenton
Contributor

Posted on ‎02-15-2023 09:57 AM

Evening Everyone.

We have been patching safari for the last few Version on our Monterey device. Currently patching 16.3.

While all looks well in Jamf patching management for Safari. I have checked a handfull of devices and 16.3 is install and working.

 

We are seeing some devices advertising Safari through software update despite it been full up to date on the machine.

 Has anyone seen this before? it looks like some sort of delay.

 

Thanks 

 

 

0 Kudos
5 REPLIES 5

AJPinto
Honored Contributor II

Posted on ‎02-15-2023 10:33 AM

The updates released on Monday are a hot mess. Safari was broadcasted to be 16.3.1, and apple released 16.3* instead. You had to read the CFBundleVersion to know which build of Safari you had installed, which of course patch management cannot manage. JAMF Added a patching policy for 16.3.1 this morning. I manage my own patching definitions, are you using JAMF provided packages or are you making your own?

 

So, yes. Lots of strange things right now. 

 

Re: Safari 16.3.1 Standalone Installers - Jamf Nation Community - 284167

tdenton
Contributor
In response to AJPinto

Posted on ‎02-15-2023 11:22 PM

Been using the 16.3 version that I found on MrMacintosh. it working fine as far as I can tell.

should I be using the updated patch policy that Jamf have released with my 16.3 package.

I see there isn’t a 16.3.1 so can’t see that would make any difference. 


Just puzzled why some machines are advising Safari been available through software update. Despite it already been installed. I’m not seeing this on ever machine just some. 

I will say it’s difficult to see how many are showing the above as I have over 800 IMacs.

0 Kudos

mickl089
Contributor III

Posted on ‎02-15-2023 11:32 PM

Correct me if I'm wrong: if I push Safari to all devices in this new version, the devices are safe again, right? There is also no problem that the Ventura Fix 13.2.1 has not yet been installed?

0 Kudos

piotrr
Contributor III

Posted on ‎02-16-2023 05:32 AM

Patching Safari is only one piece of the puzzle, because this affects _webview_ as well, so any app that users Apple's webview (like _all_ webclip-type apps) will also be affected. 

Apple just stealth updated their security update page to list 16.3 again, instead of 16.3.1 for Safari. 
Apple security updates - Apple Support 

0 Kudos

FrogOnABike
New Contributor II

Posted on ‎02-27-2023 05:18 AM

Not sure if this is related, but it seems that there is also some confusion with Safari and using Smart Groups based on "Patch reporting Safari" and asking for it to locate machines with "Latest Version"

In our Patch Reporting, we're showing 36 machines on the latest version yet the Smart Group I've defined to locate them (and so be used to work out which machines I need to target with the update policy) shows 0 devices.

0 Kudos