MacOS Big Sur 11.2 beta 2, released yesterday, disables a feature that allows Apple apps to bypass firewalls, security tools and third-party VPN applications, according to reports from ZDNet and security researcher Patrick Wardle.
AcMacOS Big Sur 11 contained a ContentFilterExclusionList that allowed Apple’s applications such as the App Store, Maps, iCloud and more to avoid firewall and VPN applications installed by users. These apps could not filter traffic for some built-in Apple apps.
Security researchers believe the feature, found in October last year, poses a major security risk as malware can be designed to cling to a legitimate Apple app and bypass security software. Users who have installed VPNs are also at risk of exposing their real IP address and location to Apple’s applications.
Omg we did it! 🤩 Thanks to community feedback (and yes, bad press), Apple decided to remove the ContentFilterExclusionList (in 11.2 beta 2). This means that the firewalls of the socket filter (eg LuLu) can now completely monitor / block all OS traffic !! Read more: https://t.co/GJXkRA31e7 https://t.co/BCPqdCjkV0 – Patrick Wardle (@patrickwardle) 13 January 2021
Apple tells ZDNet last year that the list was temporary and was the result of a series of bugs related to the weakening of network core extensions in ‘MacOS Big Sur’. Apple addressed these bugs, and in the second beta of ‘MacOS Big Sur’ released yesterday, the ContentFilterExclusionList was removed from the macOS code.
When macOS Big Sur 11.2 sees a version, Apple applications will be compatible with VPN applications and can no longer bypass firewalls and other security tools.