macOS Big Sur 11.2 beta 2, which was released yesterday, removes a feature that allowed Apple apps to bypass third-party firewalls, security tools, and VPN apps, according to reports from ZDNet and security researcher Patrick Wardle.
/article-new/2020/08/First-Look-Big-Sur-Feature2.jpg?resize=560%2C315&ssl=1)
MacOS Big Sur 11 included a ContentFilterExclusionList that allowed Apple applications such as the App Store, Maps, iCloud, and more to bypass the firewall and VPN applications that users had installed. These apps have been unable to filter or inspect traffic for some of Apple’s built-in apps.
Security researchers believed the feature, which was found last October, was a major security risk, as malware could be designed to connect to a legitimate Apple app and bypass the software. of security. Users who had VPNs installed also risked exposing their actual IP address and location to Apple applications.
Omg we did it! 🤩 Thanks to community feedback (and already, bad press), Apple decided to remove ContentFilterExclusionList (in 11.2 beta 2). Socket filter firewalls (e.g. LuLu) can now control / block all operating system traffic. Read more: https://t.co/GJXkRA31e7 https://t.co/BCPqdCjkV0 – patrick wardle (@patrickwardle) January 13, 2021
Apple said ZDNet last year, the list was temporary and the result of a series of errors related to the deprecation of network kernel extensions in macOS Big Sur. Apple has been dealing with these bugs and, in the second version of macOS Big Sur released yesterday, removed the ContentFilterExclusionList from the macOS code.
When macOS Big Sur 11.2 is released, Apple applications will be compatible with VPN applications and will no longer be able to bypass firewalls and other security tools.