Apple’s new macOS Sequoia update breaks some cybersecurity tools

Apple on Monday released the latest update to its operating system, dubbed macOS 15, or Sequoia. And somehow, the software update broke the functionality of several security tools from CrowdStrike, SentinelOne, Microsoft, and others, according to social media posts as well as messages posted to a Mac-focused Slack channel.

It’s unclear at this point what exactly the issue is, but it appears to be affecting several products from companies that provide software for macOS users and enterprises, causing frustration among those working on security tools for macOS.

“As a macOS security tool developer, I get incredibly frustrated when I constantly have to deal with (understandably) angry users (understandably) blaming my tools for compromising their Macs when in reality it was Apple’s fault all along,” said Patrick Wardle, founder of Mac and iOS security startup DoubleYou and a long-time macOS security expert.

“I understand that writing bug-free software is a challenge, but maybe if Apple spent less time and money on marketing and more on actually testing its software, we would all be better off!” Wardle told TechCrunch.

On the day macOS Sequoia launched, a CrowdStrike sales engineer said in a Slack room for Mac admins that the company had to delay support for the new version of the Mac operating system. “I regret to inform you that we will not be supporting Sequoia on day one, despite our intention (and prior history) of supporting the latest operating system within hours of (general availability),” the engineer said in a message seen by TechCrunch.

The engineer also said CrowdStrike has sent a “Technical Alert” to customers, adding that “there’s quite a bit going on with changes to the network stack.”

“We are also tracking similar issues with other vendors and have feedback and a case with Apple. While we would like there to be a quick fix that would resolve this for us, we are operating under the assumption that this will not happen and we will need to fix it in our code via a sensor release,” the sales engineer wrote.

Contact us

Do you work at a cybersecurity company whose products are affected by the macOS update? From a non-work device, you can securely contact Lorenzo Franceschi-Bicchierai on Signal at +1 917 257 1382 or on Telegram and Keybase @lorenzofb or email. You can also contact TechCrunch via SecureDrop.

“Please trust me when I say that this has been analyzed from every angle to see if there is a way to continue to provide our customers with the best protection on this new operating system without having to delay,” the CrowdStrike engineer wrote. “Ultimately, it was decided that the best way to protect our Mac fleets was to wait until the issue was resolved.”

Additionally, several people on Reddit have reported issues with the CrowdStrike security product on the new macOS.

CrowdStrike spokesman Kevin Benacci told TechCrunch on Thursday that the company is “currently waiting for an update to macOS Sequoia and will provide official support. We respectfully refer you to Apple with any additional questions.”

Apple did not respond to a request for comment.

On Monday, the SentinelOne support account warned customers in the same Mac-specific Slack channel, “Do not upgrade your endpoints until you have a supported SentinelOne agent,” citing a number of issues with the new macOS version.

SentinelOne did not respond to a request for comment.

After the release, SentinelOne spokesperson Craig VerColnso said in an email: “SentinelOne provided full support for macOS Sequoia immediately upon its release last Monday, as announced on our blog and support pages.”

ESET also notified customers about a network connection issue after upgrading to macOS Sequoia. An ESET representative did not respond to our request for comment.

Following the publication, ESET spokeswoman Jessica Beffa stated that ESET products “are compatible with the new macOS.”

Other users on the same Slack have reported issues with Microsoft Defender for macOS after the Sequoia update. Microsoft did not respond to a request for comment.

Security researcher Will Dormann wrote on Mastodon that he was having issues with DNS and firewall startup on his macOS machine. Another security researcher, Wacław Jacek, wrote in a blog post that “it appears that the operating system’s firewall can sometimes block access to web browsing after upgrading to macOS Sequoia” and provided a potential workaround.

According to a separate Reddit thread, the macOS Sequoia issues have apparently caused problems for Firefox users as well.

The article has been updated with comments from ESET and SentinelOne.