Apple no longer hides its own services from local firewalls. The manufacturer also removed critical security gaps – also in iOS 14.
Local firewalls can now monitor and block network traffic from Apple services in macOS 11 Big Sur. Apple has thus deleted a severely criticized exclusion list from its operating system that made several of the manufacturer’s network services practically invisible to certain firewalls: apps that are based on Apple’s new network extensions such as NEFilterDataProvider and NEAppProxyProviders have been able to handle the network traffic of 50 Apple apps and services so far not filter.
No more exclusion list for Apple services
That has changed with macOS 11.2 , as Apple confirmed on Tuesday night: The so-called “Network Extension Content Filters” are now able to “monitor network traffic from built-in binary files,” the company announced in a list of the innovations for Corporate customers with . An explanation for the original integration of the Apple exclusion list and the motivation for the current removal were not explained. Popular tools like the Little Snitch firewall can filter all network traffic again.
macOS 11.2 now allows mobile device management (MDM) to specify guidelines for kernel extensions on Macs with Apple’s M1 chip and to automatically adjust the settings relating to the safe start mode, as Apple further announced. Managed Macs should also be able to reliably obtain system updates again.
Updates close critical gaps – also in iOS 14
With the latest security updates for macOS 11 Big Sur, 10.15 Catalina and 10.14 Mojave, Apple closes several critical security gaps that allow a remote attacker to smuggle in malicious code, among other things via the frameworks Core Text and FontParser, which are responsible for text display and font management throughout the system and in the past repeatedly offered a target.
These weaknesses also exist in iOS and have been eliminated by iOS / iPadOS 14.4 , as Apple has now added . An attacker was also able to smuggle in their own code via Bluetooth, according to the company. Further details on the security gap are not yet available.
