ios 11.3

Brown’s Bytes – Because you can, does it mean you should?


6th April 2018

Apple has finally dropped iOS 11.3, and while much of fuss has been about the new battery monitoring features, there have also been several improvements for Mobile Device Management (MDM).

One of the new MDM features available has been requested by companies for years, the ability to delay iOS updates!

Beginning with iOS 11.3, updates to the latest version of iOS can be delayed by up to 90 days on Supervised devices.

This restriction ensures end users will not be able to manually update the OS until the deferral period has expired, after the period expires the device will be able to update to the earliest version available at the time the restriction was set.

It is also worth noting that this restriction is for Over-the-Air (OTA) updates only, if the user wants to update the OS, it can still be done using a computer with Apple Configurator or iTunes.

Now that Apple has given us this control, there is another train of thought… should you defer these OS updates?

More and more OS vulnerabilities (Critical Vulnerabilities and Exposures – CVE’s) are being discover each day and while not all pose a huge risk, it should be noted that Apple provides patches to these CVE’s in iOS updates. This should be considered if planning to use this feature.

So could delaying the iOS 11.3 or future updates, present a risk to the company?

To find out more or to see how we can help protect again mobile threats, contact us.