Hello all Apple have released a

Question

Hello all Apple have released a <https www macrumors com 2023 05 01 rapid security response 16 4 1 |Rapid Security update> this applies the fixes but does not bump the `os version version` in the application of the RSR my query is where might this be tracked I ll be looking at the `os version build` though I am not certain this will change either has anyone had the opportunity to review the RSR s introduced in macOS gt 13 x Ventura as yet Many thanks

oneiroi · Answer

```sudo softwareupdate ai Downloading macOS Security Response 13 3 1 a ``` Will be re checking the `os version` table after application to see what if anything changes

oneiroi · Answer

``` ~ ~ osqueryi line Using a virtual database Need help type help osquery gt select from os version name = macOS version = 13 3 1 major = 13 minor = 3 patch = 1 build = 22E261 platform = darwin platform like = darwin codename = arch = arm64```

oneiroi · Answer

```Downloading 100 00 Downloaded macOS Security Response 13 3 1 a ```

allister · Answer

It won t see it it s checking the SystemVersion plist MDM could inventory it

allister · Answer

I d be surprised if there wasn t already a feature request in to find a way to grab it without shelling out or use an extension to shell out it s pretty easy to get at from e g sw vers

seph · Answer

seph · Answer

Oh Because as allister said osquery is reading this from ` System Library CoreServices SystemVersion plist`

seph · Answer

I can t break out the debugger this morning but I wonder where `sw vers` is pulling from

seph · Answer

Dumped some info into <https github com osquery osquery issues 8008>

grahamgilbert · Answer

Threw this up quick in case anyone needs it prior to it being added to osquery proper <https github com macadmins osquery extension pull 31>

seph · Answer

One quick hack is to use pure sql using the plist table