Apple beefs up macOS Big Sur security

Apple beefs up macOS Big Sur security
Apple beefs up macOS Big Sur security (Image credit: Shutterstock)

Security risks were discovered for macOS Big Sur back in November 2020 when developers voiced concerns over an internal file that permitted Apple apps to bypass firewall filters on demand. 

However, Apple has now released macOS Big Sur 11.2 into public beta and has removed the list of exemptions that could have led to security breaches and malware, allowing Mac users the freedom to monitor their app data again. 

MacOS Big Sur 11.2 beta 2

 A file was originally included in macOS Big Sur called “ContentFilterExclusionList,” which listed several official apps such as the App Store, the Music App, and FaceTime that would bypass any firewall installed onto the device. 

This left the affected apps and services exposed to hackers that could use the exclusion list to create malware that would bypass Mac security and ignore any third-party firewall installed on the device. This also removed the ability for users to check what Apple apps were doing with their data, or even block or monitor any operating system traffic.

These issues were initially discovered after a server outage on the macOS Big Sur launch date prevented apps from working, and developers found that Apple was forcing all official applications to have full access to the network. The connection to servers couldn't be severed to get these apps working again, even with a firewall in place.

Patrick Wardle, a security researcher who has been following the issue on his Patreon blog and Twitter account, announced that the exception list has been removed by Apple with macOS Big Sur 11.2 beta 2, which means the previously affected apps can no longer ignore firewalls and users will have the freedom to monitor their web traffic once again.

This is currently accessible for any developers or users registered in the Public Beta program, and as such isn't officially live to the general public at the time of writing. You can read more on the Apple Beta Software Program on the official website. It's easy to sign up if you wanted to be involved and present feedback on any future updates across the Apple product library. 

Via 9to5 Mac

Jess Weatherbed

Jess is a former TechRadar Computing writer, where she covered all aspects of Mac and PC hardware, including PC gaming and peripherals. She has been interviewed as an industry expert for the BBC, and while her educational background was in prosthetics and model-making, her true love is in tech and she has built numerous desktop computers over the last 10 years for gaming and content creation. Jess is now a journalist at The Verge.