My company wants to upgrade all devices to Safari v16.4.1. I know it's possible to upgrade from each endpoint via System Settings/Preferences. But can it be done via Jamf? I figure at the very least I'll need the latest installer, and I can't find a way to get it. I'm also aware that the latest Safari is bundled in the latest version of macOS, but if possible I'd like to avoid having to upgrade the OS. In a perfect scenario I would create a policy with the Safari installer and scope it to all machines, but I'm not sure this can be done. Just throwing the question here in case somebody knows for sure. Any advice is appreciated. Thank you.
For macOS Monterey and Big Sur you can download Safari as a package. That could be uploaded to a policy and pushed. For macOS Ventura you must upgrade the entire OS to get Safari as its not provided stand alone.
From a security standpoint you really want to update macOS. Skipping any security update is leaving you open to attacks.
Second the last point on updating macOS.
For our computers that are on Monterey (and the few computers that max out at Big Sur), we began implementing this script to just update Safari, as there's no built in management command for applications in Software Update.
Thank you all for your comments, I just wanted to know if I was on the right track. I've decided to go ahead with the OS update. After all, even when it's possible, updating Safari takes about as long as updating the OS, and it's just as disruptive. Upgrading the OS without user interaction comes with its own challenges, as I'm sure you all know, but that's a topic for another discussion. Thanks again, I really appreciate your input.