On the night of October 4, Apple fixed a serious bug with macOS 15.0.1 that could cause network disruptions if certain types of security tools were installed on a computer. It is now clear what the problem was. It was also revealed that there was a related bug report prior to the Golden Master release of macOS 15 – on which Apple initially did nothing.
Advertisement
hit with trout
The macOS 15.0.1 package insert simply says that the update “improves compatibility with third-party security software.” It doesn’t say that this compatibility existed before Sequoia. It took the first three weeks to fix it. Security expert Patrick Wardle found that the bug apparently reached Apple a few weeks ago. “Any Apple supporter who blames third party vendors deserves a big trout because this was an Apple bug that was reported to GM before,” he writes on x,
How this ignorance arose is not clear. In practice, the bug meant that some connection types with active network filters (via Apple’s Network Extension Framework, which the security tools use) were terminated at the TCP level – presumably because they crashed. This applies to ssh via terminal, but also to other routines. With ssh, error messages like “connection corrupted” or “incorrect key size” came up. Connections worked without network filters. Many security apps used specifically in business environments were affected – for example, SentinelOne, Microsoft, ESET, and CrowdStrike. Little Snitch was in trouble too.
Another problem with DNS
With macOS 15.0.1, Apple has now succeeded in making network filters (again) more stable through network extensions, so that connections do not drop. Another issue with App Firewall is not mentioned in Apple’s package insert. Incoming UDP packets were discarded without leaving any traces, causing DNS errors.
It’s still unclear why Apple made changes to the network extensions that apparently caused the problems. This just goes to show how well you need to prepare for a macOS upgrade. It’s hard to understand that a serious bug was reported but not fixed by Apple before general release.
(B.Sc.)
