Apple removes macOS feature that let its apps bypass firewall, VPNs

Apple has removed a feature in macOS Big Sur that allowed its apps to bypass third-party firewalls, VPN apps and security tools. The latest macOS Big Sur 11.2 beta 2 confirms the removal of this feature called the ContentFilterExclusionList.

Apple introduced this in macOS 11, and the exclusion list included Apple's native apps such as the App Store, iCloud, and Maps, according to a report by ZDNet. This was first discovered in October by security researchers such as Patrick Wardle who highlighted the potential security risks with this exclusion list as it could infect Apple apps with malware. It also risked macOS users from having their IP addresses and location exposed as Apple apps could bypass VPN apps.

Apple told ZDNet that this list was temporary, and the reason behind it was due to a series of bugs in the Apple apps. Apple further explained to the publication that the bugs were “related to Apple deprecating network kernel extensions (NKEs) in Big Sur and introducing a new system called Network Extension Framework, and Apple engineers not having enough time to iron out all the bugs before the Big Sur launch last fall.”

Apple did fix some of the bugs, and it has now removed the list entirely with the latest macOS Big Sur beta update. Once the stable release rolls out, these Apple apps will no longer be able to bypass the third-party security tools, firewalls and VPN apps. It will be fixed in macOS Big Sur 11.2 update.