macOS Sequoia Breaks Security Tools, Leaving Users in a Security Limbo

Apple’s newest macOS release, Sequoia, has hit a snag, breaking the functionality of popular security tools from major players like Microsoft, CrowdStrike, SentinelOne, and others. Users are taking to platforms like Reddit to express their frustration with issues impacting security software, including ESET Endpoint Security and CrowdStrike Falcon. The reported problems range from firewalls causing packet corruption and browser SSL failures to the inability to use essential commands like ‘curl’ and ‘wget.’

Turning off the affected tools works as a temporary fix, which points to an incompatibility with the network stack, but this is not an ideal solution for many. CrowdStrike, in a non-public bulletin, advised users to avoid upgrading to macOS 15, stating, “Due to changes to internal networking structures on macOS 15 Sequoia, customers should not upgrade until a Mac sensor is released that fully supports macOS 15 Sequoia.” SentinelOne Support echoed this sentiment, urging its users to hold off on the upgrade. ESET also joined the chorus of concerns, releasing an alert and suggesting a workaround to fix the issues. The company recommends navigating to System Settings > Network > Filters > Remove ESET Network, but emphasizes that this only applies to Endpoint Security 8.1.6.0 or newer and ESET Cyber Security 7.5.74.0 or newer. Older versions are incompatible.

The issue even extends to VPNs, with users reporting problems with Mullvad VPN and corporate VPNs. However, Proton VPN appears to be unaffected and runs smoothly on the latest macOS 15 release. While Apple has yet to comment officially on the cause of the problem, a macOS 15 release note, seen by Bleeping Computer, suggests an outdated feature in macOS 15’s Firewall might be the culprit. This isn’t the first time an Apple OS release has caused such problems, with the release of macOS Ventura creating similar issues. Patrick Wardle, a long-time iOS and Mac security expert, expressed his concern on LinkedIn, stating, “Déjà vu?! Did Apple *again* release a new OS that *again* breaks 3rd-party security tools?” He pointed to a similar bug in macOS Ventura two years ago, adding, “Root cause appears to either be macOS firewall itself, or the lower-level networking extension subsystem that is “corrupting packets” or other “unintentional changes” to network structures.”

If you rely heavily on these security tools, you might need to hold off on upgrading for now. Hopefully, Apple will release an update that addresses the issue quickly, allowing Mac users to enjoy the latest update without worrying about compatibility problems.
