On Monday, Apple released its latest computer operating system update, called macOS 15 (Sequoia), and for some reason, the software update broke the functionality of multiple security tools made by CrowdStrike, SentinelOne, Microsoft, and others, according to social media posts and messages posted to a Mac-focused Slack channel.
At this time, it's unclear what the issue exactly is, but it appears to affect multiple products made by companies that provide software for macOS users and businesses, sparking frustration among those who work on macOS-specific security tools.
“As a developer of macOS security tools, it's incredibly frustrating to repeatedly have to deal with angry users who (rightfully) blame our tools for breaking their Macs, when in fact it was Apple's fault all along,” said Patrick Wardle, founder of Mac and iOS security startup DoubleYou and a longtime macOS security expert.
“I understand that writing bug-free software is hard, but we might all be better off if Apple spent less time and money on marketing and more time on actually testing its software,” Wardle told TechCrunch.
On the day of macOS Sequoia's release, a CrowdStrike sales engineer said in a Mac admin Slack room that the company had been forced to postpone support for the new version of the Mac operating system: “Unfortunately, despite our intention (and history) of supporting the latest OS within hours of release, we will not be able to support Sequoia on day one.” [General Availability]In a message reviewed by TechCrunch, the engineer said:
The engineer added that CrowdStrike is sending out “technical alerts” to customers and that “there's quite a lot going on with changes to the network stack.”
“We are tracking similar issues with other vendors and have filed feedback and a case with Apple. We hope a patch will be released soon to resolve this issue, but we are operating under the assumption that no such patch will be released and we will need to fix the code in a sensor release,” the sales engineer wrote.
Contact Us Do you work for a cybersecurity company with products affected by the macOS update? You can securely contact Lorenzo Franceschi-Bicchierai from a non-work device via Signal (+1 917 257 1382), Telegram, Keybase @lorenzofb, or email. You can also contact TechCrunch via SecureDrop.
“It is fair to say that we have explored every angle to see if there is a way we could continue to provide our customers with the best possible protection on this new OS without any delays,” CrowdStrike engineers wrote. “Ultimately, we have determined that the best way to protect our Mac fleet is to wait until this issue is resolved.”
Additionally, several people on Reddit have reported issues with CrowdStrike security products on the new macOS.
CrowdStrike spokesman Kevin Benacci told TechCrunch on Thursday that the company is “currently awaiting the macOS Sequoia update before providing official support. We encourage anyone with additional questions to contact Apple.”
Apple did not respond to a request for comment.
On Monday, a SentinelOne support account warned customers in the same Mac Slack channel not to “upgrade your endpoints until you have a supported SentinelOne agent,” citing a series of issues with the new macOS version.
SentinelOne did not respond to a request for comment.
ESET also warned customers about network connection issues after upgrading to macOS Sequoia. ESET representatives did not respond to requests for comment.
Others on Slack reported issues with Microsoft Defender for macOS after the Sequoia update. Microsoft did not respond to a request for comment.
Security researcher Will Dorman wrote on Mastodon that he was having issues running DNS and the firewall on his macOS machine, while another security researcher, Wacław Jacek, wrote in a blog post that “after upgrading to macOS Sequoia, it appears that the OS firewall may start blocking access to web browsing,” and shared a possible workaround.
According to another Reddit thread, the macOS Sequoia issue also appears to be causing problems for Firefox browser users.