Apple addresses an issue where apps can bypass firewalls and VPNs on macOS Big Sur

It was reported that Apple apps bypass firewalls, security tools, VPNs, etc. on macOS Big Sur to communicate, but the latest beta version has removed the feature that causes this problem. It turned out that.

Hooray, no more ContentFilterExclusionList | Patrick Wardle on Patreon

macOS Big Sur 11.2 beta 2 removes filter that lets Apple apps bypass third-party firewalls --9to5Mac

Apple makes welcome change to'Big Sur' security for Macs | Computerworld

Apple removes feature that allowed its apps to bypass macOS firewalls and VPNs | ZDNet

On November 13, 2020, macOS Big Sur, the version 11.0 of the OS for Mac, was released. Although it is a majorly redesigned macOS Big Sur, it was pointed out that Apple apps bypass firewalls and VPNs and communicate without permission.

MacOS Big Sur reveals that Apple app communication cannot be controlled by firewall --GIGAZINE

However, security researcher Patrick Wardle reported on January 14, 2021 that the issue was resolved in beta 2 of version 11.2. A list of apps and services that can bypass the firewall 'ContentFilterExclusionList' was added to macOS Big Sur as an internal file, but according to Wardle, this was removed in beta 2.

The ContentFilterExclusionList included the App Store, FaceTime, software update services, and more. The fact that they can bypass the firewall means that users will not be able to monitor the amount of data the app transfers or the IP address they are communicating with. It has also been pointed out that malicious attackers could use these apps to bypass firewalls to create malware.

However, with the removal of the ContentFilterExclusionList in beta 2 of version 11.2, apps can no longer bypass third-party firewalls and users can monitor again. However, macOS Big Sur 11.2 is only a beta version, and it is unknown at the time of writing the article when it will be applied to all users as an official version.

in Software,   Security, Posted by darkhorse_log