macOS 15: Problems with security software from well-known manufacturers

The biggest problems with macOS 15, which has been available for a week, should actually have been resolved, as a beta phase has been running since the beginning of June. Nevertheless, major security companies have now reported problems with their filter and protection programs, which mean that users are better off not using them with the new Mac operating system Sequoia: Apparently, some of their entire functionality is disrupted.

Developers angry, hope for macOS 15.1

Difficulties have been reported by companies such as CrowdStrike, Microsoft, SentinelOne, ESET and smaller companies such as DoubleYou by well-known security expert Patrick Wardle. The creators of the Little Snitch network filter, Objective Development from Vienna, also advise against using macOS 15 for the time being. There are still "several errors in macOS 15 in the area of networks and firewalls", which could lead to "date corruption" in TCP connections. Christian Starkjohann from Objective Development told Mac & i that although it is possible to use Little Snitch 6 in Sequoia, the software only works "as well as the system allows". They are now hoping for macOS 15.1 and quick bug fixes.

Wardle told TechCrunch that it was "incredibly frustrating to have to deal with users being understandably angry every time and understandably blaming their own tools for "breaking the Mac". Yet it is Apple's fault. Of course it is difficult to "write bug-free software". But Apple should perhaps spend less money on marketing and more money on software testing. "Then we'd all be better off!" Why the security companies apparently only noticed the problems with the general release of macOS 15 or whether they had already reported the bugs beforehand without Apple fixing them remained unclear at first.

TCP packets corrupted, DNS requests thrown away

So far, it is only partially clear what exactly seems to be happening with macOS 15. On Reddit and in other forums, the problems are mainly divided into two areas. For example, certain connection types with active network filters (via Apple's Network Extension Framework, which the security tools use) are said to cause connection problems at TCP level –, possibly because they crash. This applies to ssh via terminal, for example, but also to other routines. With ssh, error messages such as "Connection corrupted" or "Wrong Key Size" are spit out. The connections work without a network filter. Sometimes, however, even when surfing the web, unexpected connection problems occur, even when reloading content.

If Apple's own App Firewall is also activated, all incoming UDP packets are suddenly blocked –, at least in some applications. This also affects DNS queries in browsers such as Firefox (Chrome and Safari apparently do not), which then simply stop working. According to Starkjohann, this has to do with the various developer interfaces used to access the UDP packets. Objective Development recommends simply switching off the Apple firewall until a fix is found –, which is also a rather unsightly solution. Furthermore, shared networking for virtual machines no longer seems to work, or only stutter, and DHCP no longer assigns IPs to Macs from time to time. VPN clients such as NordVPN are apparently also affected by this.

Empfohlener redaktioneller Inhalt

Mit Ihrer Zustimmmung wird hier ein externer Preisvergleich (heise Preisvergleich) geladen.

Preisvergleiche immer laden Preisvergleich jetzt laden

Ich bin damit einverstanden, dass mir externe Inhalte angezeigt werden. Damit können personenbezogene Daten an Drittplattformen (heise Preisvergleich) übermittelt werden. Mehr dazu in unserer Datenschutzerklärung.

(bsc)