macOS Sequoia Update Breaks Multiple Security Tools

Apple’s latest operating system update, macOS 15, also known as Sequoia, has disrupted the functionality of several prominent security tools.

Users and developers have taken to social media and Mac-focused Slack channels to express their frustration over the issues caused by the update.

Security tools from companies like CrowdStrike, SentinelOne, Microsoft, and others have reportedly been affected, leaving many enterprises and macOS users in a bind.

Widespread Frustration Among Developers

The release of macOS Sequoia has sparked widespread frustration among developers of macOS security tools.

Patrick Wardle, founder of the Mac and iOS security startup DoubleYou, voiced his concerns about the recurring challenges developers face whenever Apple releases a new update.

“As a developer of macOS security tools, it’s incredibly frustrating to time and time again have to deal with (understandably) upset users (understandably) blaming your tools for breaking their Macs,” Wardle stated. He emphasized the need for Apple to focus more on testing their software rigorously before release. 

The issues appear to stem from changes in the operating system’s network stack, impacting several security products.

A CrowdStrike sales engineer noted in a Slack room for Mac admins that the company had to delay support for Sequoia due to these changes.

“There’s quite a lot going on with the changes in the network stack,” the engineer explained.

Decoding Compliance: What CISOs Need to Know – Join Free Webinar

Companies Scramble to Address Issues

According to the TechCrunch reports, Several companies have quickly responded to the problems caused by the macOS Sequoia update.

CrowdStrike issued a “Tech Alert” to its customers and is waiting for Apple’s update before providing official support.

Despite these challenges, SentinelOne claims to have delivered full support for macOS Sequoia immediately upon its release.

However, a SentinelOne Support account had warned customers not to upgrade their endpoints until they had a supported agent.

After upgrading to macOS Sequoia, ESET also alerted its customers about network connection issues.

Although initial reports suggested compatibility problems, an ESET spokesperson later confirmed that their products are compatible with the new OS.

The issues with macOS Sequoia are not limited to enterprise security tools; individual users have also reported problems.

Security researcher Will Dormann highlighted problems with DNS and firewall operations on Mastodon, while another researcher, Wacław Jacek, noted that the OS firewall could block web browsing access after upgrading.

These disruptions extend beyond security tools, affecting everyday applications like the Firefox browser.

Are You From SOC/DFIR Teams? - Try Advanced Malware and Phishing Analysis With ANY.RUN - 14-day free trial