A few weeks ago, Apple introduced its new macOS Sequoia operating system, also known as macOS 15. The new OS promised significant improvements, but customers who have updated are reporting that it interferes with essential security and network connectivity tools installed on both business and user computers.
These flaws are affecting major companies such as Microsoft, CrowdStrike, and ESET. The main hypothesis is that these errors are related to changes in the network stack and other critical components of macOS that interfere with the functionality of third-party security solutions.
Problems with security tools
The alert was raised by macOS security expert Patrick Wardle, founder of Objective-See, who warned of the severity of the problem. Wardle said on X that both Microsoft and CrowdStrike had already warned about problems arising from changes in the network structure of macOS 15. He also asserted that Apple was aware of these problems before launching macOS Sequoia, which has generated a wave of criticism of the company.
The cybersecurity expert stressed that the main cause seems to be related to bugs in Sequoia’s network components. “This was reported to Apple before Sequoia was released (by multiple people, to multiple teams/organizations within Apple), so Apple was 100% aware of this and shipped macOS 15 anyway.”
Microsoft has detailed in its bulletins that the problem lies in macOS’s stealth mode, a feature that prevents the device from responding to ping requests or to TCP or UDP connection attempts. This mode must be disabled from the firewall settings to resolve the incompatibility.
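One way to check whether a Mac is in the state Microsoft's bulletin describes (macOS 15 with firewall stealth mode on) is sketched below. It is an added example, not from the article or any vendor; the function names and verdict labels are hypothetical, and the exact wording printed by `socketfilterfw --getstealthmode` is assumed to vary by release, so it is matched loosely.

```shell
#!/bin/sh
# Added example: triage a Mac for the macOS 15 / stealth-mode conflict.
# Function names and verdict strings are hypothetical.

# Major version from `sw_vers -productVersion` output, e.g. "15.0" -> 15.
macos_major() {
  printf '%s\n' "${1%%.*}"
}

# Normalise the text printed by `socketfilterfw --getstealthmode`.
# Assumption: the wording differs between releases, so match loosely.
stealth_state() {
  case "$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" in
    *disabled*|*"is off"*) echo off ;;
    *enabled*|*"is on"*)   echo on ;;
    *)                     echo unknown ;;
  esac
}

# Verdict for one host: $1 = product version, $2 = stealth-mode text.
triage() {
  major=$(macos_major "$1")
  state=$(stealth_state "$2")
  case "$major" in
    ''|*[!0-9]*) echo "check-manually"; return ;;
  esac
  if [ "$major" -ne 15 ]; then
    echo "not-macos-15"
  elif [ "$state" = on ]; then
    echo "at-risk"               # Sequoia with stealth mode on
  elif [ "$state" = off ]; then
    echo "workaround-applied"    # Sequoia with stealth mode already off
  else
    echo "check-manually"
  fi
}

# Query the local machine only on macOS; elsewhere the functions can be
# fed values collected by an MDM or inventory tool.
if [ "$(uname -s)" = "Darwin" ]; then
  fw=/usr/libexec/ApplicationFirewall/socketfilterfw
  verdict=$(triage "$(sw_vers -productVersion)" "$("$fw" --getstealthmode 2>&1)")
  echo "$(hostname): $verdict"
  if [ "$verdict" = at-risk ]; then
    echo "stealth mode is on; follow your vendor's bulletin before changing it"
  fi
fi
```

The script only reports state. Turning stealth mode off changes the host's exposure to network probing, so that decision belongs with whoever owns the firewall policy.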
ESET has also informed its users that its software may show incompatibility after updating and cause connectivity issues if network filters are not manually removed.
Consequences for VPNs and other services
The problem isn’t limited to conventional security tools. Some VPN users, such as those using Mullvad VPN, have also experienced difficulties. According to reports from BleepingComputer, these secure connection tools are failing due to incompatibilities with the new network stack introduced in macOS 15. However, not all VPNs are affected, as services like Proton VPN appear to have avoided the problem.
CrowdStrike, one of the companies most affected by this flaw, is advising its customers not to update to macOS Sequoia until it releases a new version of its sensor that is compatible with the operating system. The cybersecurity firm believes that changes in Sequoia’s internal network structures are to blame, and until these are resolved, the update could cause serious security issues.
Apple, silent
Apple has so far not issued an official statement on the exact cause of the issues, which has frustrated users and security experts. According to some developers, the company might be working on a solution to mitigate the impact of these unintended changes to network structures. Although the cause is not entirely clear, it seems to be related to the macOS firewall or the network extension subsystem.
It’s not the first time this has happened
This type of incident is not new for Apple. In the past, the release of macOS Ventura also caused similar problems. For those who rely on these security tools, the general recommendation is to wait for updates to be released that fix the issues before upgrading to macOS Sequoia.
Affected companies, including CrowdStrike and Microsoft, are working on new patches to make their products compatible with macOS 15. However, until Apple implements a proper fix, users will continue to face security and connectivity issues.
A solution on the way
Apple is expected to release an update to fix these issues in the coming weeks. In the meantime, users should proceed with caution and follow the recommendations of their security software vendors.
This incident once again underlines the importance of conducting thorough testing before releasing software updates, especially on systems that handle user security. For Apple, it is a reminder that innovation should not compromise the stability and security of its products.