macOS Sequoia Update Causes Issues for Security Tools and VPNs

Why Trust Techopedia
Key Takeaways

  • macOS Sequoia's firewall update is causing disruptions in security tools from CrowdStrike, SentinelOne, and others.
  • The issues impact network-based tools and VPN connections.
  • Vendors are urging users to delay upgrading to Sequoia while they await a fix from Apple.

Apple’s macOS Sequoia update is disrupting security tools from CrowdStrike, SentinelOne, and Microsoft and causing VPN issues.

Apple’s latest operating system update, macOS Sequoia, was released on September 16. It introduced several new features but is reportedly disrupting security tools from CrowdStrike, SentinelOne, and Microsoft and causing issues with third-party VPN connections.

Apple’s new firewall, a key feature of Sequoia, is suspected to be the root cause. The firewall is intended to enhance security on untrusted networks but has inadvertently blocked essential network functions. Experts have identified issues such as blocked DNS requests and misaligned firewall GUI settings, affecting network-based tools.

Security Tools Disrupted by macOS Sequoia

macOS Sequoia’s release has been marred by reports of compatibility issues with prominent security tools, particularly from vendors like CrowdStrike, SentinelOne, and Microsoft.

CrowdStrike was forced to delay support for Sequoia, with its engineers citing significant changes in the network stack as the cause.

Despite efforts to resolve these issues quickly, vendors are still waiting for Apple to release a patch or update that addresses the root of the problem.

Waclaw Jacek, a security expert, wrote in his blog:

“It seems the OS firewall can sometimes start blocking access to web browsing after upgrading to macOS Sequoia.”

He shared a possible fix for the users who are struggling with Sequoia.

Firewall and DNS Issues

The Sequoia update changed Apple’s firewall, which may be disrupting network-based tools. Will Dormann, a vulnerability researcher, told 9to5Mac that DNS requests are blocked when the firewall is set to “Block incoming connections,” affecting both DNS and other network traffic. Dormann also identified misalignment between the firewall’s GUI and the actual firewall settings, complicating users’ adjustments.

Additionally, users have reported connection issues with VPN services like Windscribe on Sequoia, while others using VPNs such as NordVPN have avoided similar disruptions.

Responses from Affected Vendors

CrowdStrike, SentinelOne, and other vendors have proactively communicated with their customers, urging them to delay upgrades until a fix is in place. CrowdStrike sent out a “Tech Alert” and is tracking feedback and cases submitted to Apple while also preparing to release its own updates to mitigate these issues.

ESET and Microsoft Defender are also reportedly experiencing network connection problems after the update. ESET recently warned customers about connection loss issues.

In summary, while macOS Sequoia brings new security features, it has inadvertently caused significant disruptions for enterprise users relying on third-party security tools and VPNs. Apple has yet to address these concerns, leaving many vendors scrambling to provide support for their users.