macOS 15.0.1: How Apple fixes problems with security tools
macOS 15 Sequoia caused problems right from the start when certain security tools were running on the Mac. This is what the bugfix in macOS 15.0.1 looks like.
Apple logo: Sometimes things go wrong with upgrades.
(Image: Sebastian Trepesch)
On the night of October 4, Apple fixed a serious bug in macOS 15.0.1 that could lead to network interruptions if certain types of security tools were installed on the computer. It is now clear what the specific problem was and what Apple has fixed with the fix. It has also been revealed that there was a bug report about this even before the Golden Master release of macOS 15, which Apple initially did nothing about.
Hit with the trout
In the macOS 15.0.1 package insert, it is only stated that the update "improves compatibility with third-party security software". It doesn't say that this compatibility existed before Sequoia. It had previously taken a good three weeks to get the fix. Security expert Patrick Wardle found out that the bug had apparently reached Apple weeks earlier. "And to any Apple apologist who blamed 3rd-party vendors, you deserve to be slapped with a large trout as, this was an Apple bug reported before GM", he writes on X.
How this ignorance came about remains unclear. In practice, the bug meant that certain connection types with active network filters (via Apple's Network Extension Framework, which the security tools use) were terminated at TCP level – possibly because they crashed. This even applied to ssh via terminal, but also to other routines. With ssh, for example, error messages such as "Connection corrupted" or "Wrong Key Size" were spit out. The connections worked without a network filter. Numerous security apps that are used in the business environment in particular were affected – those from SentinelOne, Microsoft, ESET and CrowdStrike, for example. Little Snitch also had difficulties.
Videos by heise
Second problem with DNS
With macOS 15.0.1, Apple now seems to have succeeded in making the network filters via Network Extensions more stable (again) so that connection drops no longer occur. Another problem with the App Firewall is not mentioned in Apple's package insert. Incoming UDP packets were disposed of without leaving any residue, which led to DNS errors.
It is still unclear why Apple made changes to the network extensions that apparently lead to the problems. It just shows once again how well you need to prepare for macOS upgrades. It is difficult to understand why the serious bug was reported but not fixed by Apple before the general release.
Empfohlener redaktioneller Inhalt
Mit Ihrer Zustimmung wird hier ein externer Preisvergleich (heise Preisvergleich) geladen.
Ich bin damit einverstanden, dass mir externe Inhalte angezeigt werden. Damit können personenbezogene Daten an Drittplattformen (heise Preisvergleich) übermittelt werden. Mehr dazu in unserer Datenschutzerklärung.
(bsc)
