[ad_1]
macOS Big Sur 11.2 beta 2, which was released yesterday, eliminates a feature that allowed Apple apps to bypass firewalls, security tools and third-party VPN apps, according to reports from ZDNet and security researcher Patrick Wardle.
/article-new/2020/08/First-Look-Big-Sur-Feature2.jpg?lossy)
MacOS Big Sur 11 included a ContentFilterExclusionList which allowed Apple applications like the App Store, Maps, iCloud, etc. avoid firewall and VPN apps that users had installed. These apps were unable to filter or inspect traffic for some built-in Apple apps.
Security researchers believed the feature, discovered last October, posed a major security risk, as malware could be designed to hook onto a legitimate Apple app and bypass security software. Users who had VPNs installed were also at risk of exposing their real IP address and location to Apple apps.
Omg we did it! 🤩 Thanks to community feedback (and yes, bad press) Apple has decided to remove ContentFilterExclusionList (in version 11.2 beta 2) This means socket filter firewalls (eg LuLu) can now monitor / block completely all operating system traffic !! Learn more: https://t.co/GJXkRA31e7 https://t.co/BCPqdCjkV0 – patrick wardle (@patrickwardle) January 13, 2021
Apple said ZDNet last year that the list was temporary and resulted from a series of bugs related to the deprecation of network kernel extensions in macOS Big Sur. Apple fixed these bugs, and in the second beta of “macOS Big Sur” released yesterday, removed ContentFilterExclusionList from macOS code.
When macOS Big Sur 11.2 sees a release, Apple apps will be compatible with VPN apps and will no longer be able to bypass firewalls and other security tools.
[ad_2]
Source link