Upgrading to MacOS Sequoia? Here’s why you may want to hold off

Officially released on Monday, Apple’s MacOS Sequoia update is already causing trouble. The new version is being blamed for conflicts with third-party cybersecurity software, TechCrunch reported on Thursday. Users of security tools from Microsoft, CrowdStrike, SentinelOne, and others have taken to social media to complain of problems after updating their Macs.

The issues have prompted some of the affected vendors to back off on support of Sequoia until a resolution is found. Others have lashed out at Apple for its failure to discover the problem while the new OS was being beta tested.

“As a developer of MacOS security tools, it’s incredibly frustrating to time and time again have to deal with (understandably) upset users (understandably) blaming your tools for breaking their Macs, when in reality it was Apple’s fault all along,” Patrick Wardle, the founder of Mac and iOS security startup DoubleYou, and a longtime expert on MacOS security, told TechCrunch. “I get it, that writing bug-free software is challenging, but maybe if Apple spent less time and money on marketing, and more time on actually testing their software, we’d all be better off.”

A spokesperson for CrowdStrike told TechCrunch on Thursday that the company is waiting for a MacOS Sequoia update. Security vendor ESET warned users of its MacOS product version 6 that network connections could be lost if they updated their Macs to Sequoia. Some users in a Slack channel said they ran into issues with Microsoft Defender for MacOS after installing the Sequoia update.

The problem also seems to be affecting more than just MacOS security software. Some Mac users have complained of conflicts with Firefox. Web developer Wacław Jacek said on Tuesday that he and other people who updated to Sequoia have since run into issues with web browsing in general.

The exact cause of the conflict hasn’t been revealed, at least not by Apple. But some security experts are pointing the finger at Sequoia’s firewall. Jacek reported that the built-in firewall would sometimes start blocking access to web browsing after the Sequoia upgrade. He also said that there’s no way to change the firewall’s access to the browser and offered a workaround to tweak the firewall settings.

A blog post by a Mac developer at C-Command Software quoted security researcher Will Dormann, who cited an issue with the way the Sequoia firewall handles DNS responses.

“Prior to MacOS 15 Sequoia, ‘Block incoming connections’ meant ‘Don’t poke a hole in my firewall for this.'” Dormann said. “Starting with Sequoia, this also includes ‘Don’t allow responses to DNS requests,’ which is clearly a bug in the MacOS stateful firewall. Any response to a request that I initiate should be allowed in.”

Some people have found that turning off the Sequoia firewall may fix the problem. But doing so then leaves you vulnerable to online threats, defeating the purpose of having a firewall in the first place.

“It is a good thing that security vendors have been proactive in this situation and have already sent out steps to take in case their systems are facing issues with the latest Mac update,” said Mayuresh Dani, manager of security research at Qualys Threat Research Unit.

“From the looks of it, the networking stack – or the macOS Sequoia firewall, to be specific – has undergone changes because the security tools that use it to provide security are not able to do so,” Dani added. “Not just security tools; VPNs are also having a difficult time getting a DNS resolution.”

Apple has not commented publicly so far, but the issue sounds serious, which means the company had better be working on a fix and that fix had better arrive soon.

In the meantime, Dani advises organizations and users to take the following steps:

  1. Avoid updating to macOS Sequoia unless your security vendor has certified it for use.
  2. Turn off auto-updates for major OS releases before internal certification.
  3. Internally certify new operating system releases by installing Dev or Beta builds of operating systems with certified software before organization-wide deployments.
