Apple Begins Warning Users That 'Legacy System Extensions' Won't Work With a Future Version of macOS

by

Apple has shared a new support document that indicates kernel extensions — which it calls "legacy system extensions" — will not be compatible with a future version of macOS because they "aren't as secure or reliable as modern alternatives."

System extensions are a category of software that works in the background to extend the functionality of your Mac. Some apps install kernel extensions, which are a kind of system extension that works using older methods that aren't as secure or reliable as modern alternatives. Your Mac identifies these as legacy system extensions.

Starting in macOS 10.15.4, released this week, a warning will now appear when a kernel extension first loads, and again periodically while the extension remains in use. Users began noticing the warning during beta testing.

macos catalina legacy system extension alert
Apple says it began informing developers that macOS Catalina will be the last macOS to fully support kernel extensions in 2019, adding that it has been working with developers to transition their software. A final transition date has not yet been set, but some developers are assuming that kernel extensions will be deprecated in macOS 10.16.

Apps with kernel extensions will continue to work in macOS Catalina.

"By moving beyond these extensions, developers are helping to further modernize the Mac, improve its security and reliability, and enable more user-friendly software distribution methods," the support document reads.

One affected app is Malwarebytes, which said that "a significant percentage of our total support case volume" was related to the new kernel extension warning less than 24 hours after the public release of macOS 10.15.4.


Malwarebytes director Thomas Reed said Apple has a new EndpointSecurity framework as a replacement for kernel extensions:

We are aware of this, and have been working on replacing our kernel extension since late last year. We plan to replace it with Apple's new EndpointSecurity framework before the release of macOS 10.16, when it is assumed that kernel extensions will no longer work, in part or in full. (We only know that Apple has said they "will not work without compromise" in "a future version of macOS." But we'd rather not find out the hard way exactly what that means.)

The kernel extension will continue to be supported for macOS 10.14 (Mojave) and earlier, but macOS 10.15 (and later) will no longer need it, once we have an update available.

So, no need to panic. We've still got your back, and won't let your protection falter. All you've got to do is make sure you're keeping Malwarebytes for Mac up-to-date. If you have updated to at least version 4.2, and have not disabled the new auto-update feature, it'll update itself in the background without you needing to do anything. To ensure you're up-to-date, just open Malwarebytes and choose Check for Updates from the Malwarebytes menu.

Technical details for developers are available in an Apple document titled "Deprecated Kernel Extensions and System Extension Alternatives."

Related Forum: macOS Catalina

Popular Stories

2024 iPhone Boxes Feature

Apple Adjusts Trade-In Values for iPhones, iPads, Macs, and More

Thursday November 6, 2025 11:12 am PST by
Apple today updated its trade-in values for select iPhone, iPad, Mac, and Apple Watch models. Trade-ins can be completed on Apple's website, or at an Apple Store. The charts below provide an overview of Apple's current and previous trade-in values in the U.S., according to its website. Maximum values for most devices either decreased or saw no change, but the iPad Air received a slight bump. ...
Read Full Article70 comments
Finder Siri Feature

Apple's New Siri Will Be Powered By Google Gemini

Wednesday November 5, 2025 11:57 am PST by
The smarter, more capable version of Siri that Apple is developing will be powered by Google Gemini, reports Bloomberg. Apple will pay Google approximately $1 billion per year for a 1.2 trillion parameter artificial intelligence model that was developed by Google. For context, parameters are a measure of how a model understands and responds to queries. More parameters generally means more...
Read Full Article368 comments
Liquid Glass General Feature

Apple Shares Liquid Glass Design Gallery

Thursday November 6, 2025 2:45 pm PST by
Apple is promoting the new Liquid Glass design in iOS 26, showing off the ways that third-party developers are embracing the aesthetic in their apps. On its developer website, Apple is featuring a visual gallery that demonstrates how "teams of all sizes" are creating Liquid Glass experiences. The gallery features examples of Liquid Glass in apps for iPhone, iPad, Apple Watch, and Mac. Apple...
Read Full Article112 comments
iOS 26

iOS 26.1 Available Now With These 8 New Features

Monday November 3, 2025 5:54 am PST by
Following more than a month of beta testing, Apple released iOS 26.1 on Monday, November 3. The update includes a handful of new features and changes, including the ability to adjust the look of Liquid Glass and more. Below, we outline iOS 26.1's key new features. Liquid Glass Toggle iOS 26.1 lets you choose your preferred look for Liquid Glass. In the Settings app, under Display...
Read Full Article
airtag purple

Apple's Website Lists AirTag 4-Pack at Shockingly Low Price [Updated]

Friday November 7, 2025 6:40 am PST by
Apple's online store in the U.S. is suddenly offering a pack of four AirTags for just $29, which is the same price as a single AirTag. This is likely a pricing error, and it is unclear if orders will be fulfilled. Apple has not discounted the AirTag four-pack in any other countries that we checked. Delivery estimates are already pushing into late November to early December, suggesting...
Read Full Article92 comments
apple watch se 3 always on

Apple to Remove iPhone-Apple Watch Wi-Fi Sync in EU With iOS 26.2

Thursday November 6, 2025 4:37 am PST by
Apple in iOS 26.2 will disable automatic Wi-Fi network syncing between iPhone and Apple Watch in the European Union to comply with the bloc's regulations, suggests a new report. Normally, when an iPhone connects to a new Wi-Fi network, it automatically shares the network credentials with the paired Apple Watch. This allows the watch to connect to the same network independently – for...
Read Full Article217 comments
ikea smart home devices

IKEA Debuts 21 HomeKit-Compatible Smart Bulbs, Sensors, and Controls

Thursday November 6, 2025 4:08 pm PST by
IKEA today announced the upcoming launch of 21 new Matter-compatible smart home products that will be able to interface with HomeKit and the Apple Home app. There are sensors, lights, and control options, all of which will be reasonably priced. Some of the products are new, while some are updates to existing lines that IKEA previously offered. There are a series of new smart bulbs that are...
Read Full Article74 comments
Home Hub Command Center with Dome Base Feature

Apple's 2026 Smart Home Revamp: All the Rumors

Wednesday November 5, 2025 3:54 pm PST by
It's been over a decade since Apple's HomeKit smart home platform launched, and it is overdue for an update. HomeKit and the Home app can no longer keep up with AI-powered solutions from other companies like Google and Amazon, but that's set to change with a smart home revamp that Apple has planned for 2026. Home Hub Apple is working on a home hub or "command center" that will serve as a...
Read Full Article56 comments

Top Rated Comments

JimmyBanks6 Avatar
JimmyBanks6
73 months ago

It's nothing to do with security.
"Sandboxing software is nothing to do with security"

You heard it here first folks. ?
Score: 18 Votes (Like | Disagree)
chrfr Avatar
chrfr
73 months ago

It's nothing to do with security.
It's specifically about stability and also security.
The new system extensions will not have sufficiently low level access to the system to cause kernel panics. That's a big improvement regardless of the motivation.
Score: 18 Votes (Like | Disagree)
HiVolt Avatar
HiVolt
73 months ago
It's nothing to do with security. It's about total control of the hardware & software experience, like on iOS.

They've been doing it slowly but surely over the last number of years.
Score: 14 Votes (Like | Disagree)
cmaier Avatar
cmaier
73 months ago

It's nothing to do with security. It's about total control of the hardware & software experience, like on iOS.

They've been doing it slowly but surely over the last number of years.
making drivers run in user space is absolutely about security.
Score: 10 Votes (Like | Disagree)
venom600 Avatar
venom600
73 months ago

"Sandboxing software is nothing to do with security"

You heard it here first folks. ?
So it is just a coincidence that the method of improving security they chose and continue to implement just happens to also reduce user control and limit how the machine can be used, right? I bet you think they removed the headphone jack out of courage too.
Score: 7 Votes (Like | Disagree)
cmaier Avatar
cmaier
73 months ago

So it is just a coincidence that the method of improving security they chose and continue to implement just happens to also reduce user control and limit how the machine can be used, right? I bet you think they removed the headphone jack out of courage too.
It's not a coincidence, it's computer science. The more control you let a third-party app have over things outside it's own user space, the more likely it is to cause system instability and to present a security risk.
Score: 7 Votes (Like | Disagree)
Read All Comments