close
close
numb-two

Reports: Apple’s macOS Sequoia Release Causes Issues with EDR Tools

Heory
Reports: Apple’s macOS Sequoia Release Causes Issues with EDR Tools

Endpoint security tools from CrowdStrike, Microsoft, and SentinelOne are reportedly among those affected in the recently released version of macOS.

Endpoint security tools from CrowdStrike, Microsoft, and SentinelOne are reportedly experiencing issues when customers upgraded to a recently released version of Apple’s macOS.

Reports from outlets like TechCrunch, Apple Insider, and BleepingComputer have pointed to a release of macOS 15, known as Sequoia, as the likely source of the bugs users are seeing. The release of macOS Sequoia debuted on Monday.

(Related: Sophos CEO on how EDR vendors and Microsoft are ‘rethinking’ security after CrowdStrike outage)

TechCrunch cited social media posts that indicated difficulties with endpoint detection and response (EDR) tools from CrowdStrike, Microsoft, and SentinelOne, most likely related to the installation of a new version of macOS.

BleepingComputer reported that ESET, as well as CrowdStrike and SentinelOne, are among the affected endpoint security products. The report also reported that some VPN products are affected.

“Partial site loading and sometimes just blank screens with the new macOS,” reads one Reddit post, as cited by BleepingComputer. “Disabling the (CrowdStrike) Falcon web filter seems to fix the issue. Anyone else having this?”

In a post believed to be from a CrowdStrike employee, there was a response to a Reddit post that included a link to a post on the CrowdStrike support portal, which is not public.

“We’ve updated the support article above to highlight any known issues that may occur if you have Falcon-enabled hosts on Sequoia, and new MDM requirements with a configuration profile included,” reads the response from an alleged CrowdStrike employee.

As reported by BleepingComputer, CrowdStrike is reportedly advising customers to “not upgrade until a Mac sensor that fully supports macOS 15 Sequoia is released.”

Researchers spoken to by Apple Insider indicated that the bugs may be related to DNS and firewall issues in macOS 15.

Mayuresh Dani, a security research manager at Qualys, said in an email Friday that based on currently available information, the most likely scenario is changes to the macOS Sequoia firewall that are related to the issues.

In a statement provided to CRN on Friday, ESET’s Tony Anscombe said that in this case, “the compatibility of our software with macOS requires that the ESET product be updated prior to or at the same time as macOS updates.”

“Currently, macOS Sequoia supports ESET Endpoint Security version 8.1.6.0 and later and ESET Cyber ​​Security version 7.5.74.0 and later,” said Anscombe, chief security evangelist at ESET.

CRN has reached out to Apple, CrowdStrike, Microsoft and SentinelOne for comment.