Apple Begins Warning Users That 'Legacy System Extensions' Won't Work With a Future Version of macOS - MacRumors
Skip to Content

Apple Begins Warning Users That 'Legacy System Extensions' Won't Work With a Future Version of macOS

Apple has shared a new support document that indicates kernel extensions — which it calls "legacy system extensions" — will not be compatible with a future version of macOS because they "aren't as secure or reliable as modern alternatives."

System extensions are a category of software that works in the background to extend the functionality of your Mac. Some apps install kernel extensions, which are a kind of system extension that works using older methods that aren't as secure or reliable as modern alternatives. Your Mac identifies these as legacy system extensions.

Starting in macOS 10.15.4, released this week, a warning will now appear when a kernel extension first loads, and again periodically while the extension remains in use. Users began noticing the warning during beta testing.

macos catalina legacy system extension alert
Apple says it began informing developers that macOS Catalina will be the last macOS to fully support kernel extensions in 2019, adding that it has been working with developers to transition their software. A final transition date has not yet been set, but some developers are assuming that kernel extensions will be deprecated in macOS 10.16.

Apps with kernel extensions will continue to work in macOS Catalina.

"By moving beyond these extensions, developers are helping to further modernize the Mac, improve its security and reliability, and enable more user-friendly software distribution methods," the support document reads.

One affected app is Malwarebytes, which said that "a significant percentage of our total support case volume" was related to the new kernel extension warning less than 24 hours after the public release of macOS 10.15.4.


Malwarebytes director Thomas Reed said Apple has a new EndpointSecurity framework as a replacement for kernel extensions:

We are aware of this, and have been working on replacing our kernel extension since late last year. We plan to replace it with Apple's new EndpointSecurity framework before the release of macOS 10.16, when it is assumed that kernel extensions will no longer work, in part or in full. (We only know that Apple has said they "will not work without compromise" in "a future version of macOS." But we'd rather not find out the hard way exactly what that means.)

The kernel extension will continue to be supported for macOS 10.14 (Mojave) and earlier, but macOS 10.15 (and later) will no longer need it, once we have an update available.

So, no need to panic. We've still got your back, and won't let your protection falter. All you've got to do is make sure you're keeping Malwarebytes for Mac up-to-date. If you have updated to at least version 4.2, and have not disabled the new auto-update feature, it'll update itself in the background without you needing to do anything. To ensure you're up-to-date, just open Malwarebytes and choose Check for Updates from the Malwarebytes menu.

Technical details for developers are available in an Apple document titled "Deprecated Kernel Extensions and System Extension Alternatives."

Related Forum: macOS Catalina

Popular Stories

Waze logo

5 New Waze Features Rolling Out Now: Here Are All the Details

Monday July 13, 2026 3:42 am PDT by
Google today announced that Waze is getting a handful of new features, including some Gemini-powered personalization enhancements for Conversational Reporting. Conversational Reporting already uses Gemini when users report traffic incidents like slowdowns, but now you can use it to suggest map updates like road closures or outdated addresses. Saying something like "The road is closed here"...
apple back to school sans airpods 2

Apple's 2026 Back to School Offer is Coming Soon

Sunday July 12, 2026 7:29 am PDT by
Apple's stores will be rolling out Back to School marketing materials this week, according to Bloomberg's Mark Gurman. This suggests that the offer will begin in the U.S. in the next few days. Last year, college students and educational staff could receive a free accessory like AirPods 4 or an Apple Pencil Pro with the purchase of a qualifying Mac or iPad model. The Back to School offer is in...
Apple 2026 Back to School Graphic

Apple's 2026 Back to School Offer Just Went Live in Select Countries

Wednesday July 15, 2026 11:48 am PDT by
Apple's annual Back to School promotion is now live in select countries in Asia, including China, India, Malaysia, the Philippines, Singapore, Taiwan, Thailand, and Vietnam. The offer provides college students and educational staff with a free item with the purchase of an eligible Mac or iPad model. The exact offer varies by country, with options including a pack of four AirTags, AirPods 4,...

Top Rated Comments

chrfr Avatar
82 months ago

It's nothing to do with security.
It's specifically about stability and also security.
The new system extensions will not have sufficiently low level access to the system to cause kernel panics. That's a big improvement regardless of the motivation.
Score: 18 Votes (Like | Disagree)
JimmyBanks6 Avatar
82 months ago

It's nothing to do with security.
"Sandboxing software is nothing to do with security"

You heard it here first folks. 🙄
Score: 18 Votes (Like | Disagree)
HiVolt Avatar
82 months ago
It's nothing to do with security. It's about total control of the hardware & software experience, like on iOS.

They've been doing it slowly but surely over the last number of years.
Score: 14 Votes (Like | Disagree)
cmaier Avatar
82 months ago

It's nothing to do with security. It's about total control of the hardware & software experience, like on iOS.

They've been doing it slowly but surely over the last number of years.
making drivers run in user space is absolutely about security.
Score: 10 Votes (Like | Disagree)
cmaier Avatar
82 months ago

So it is just a coincidence that the method of improving security they chose and continue to implement just happens to also reduce user control and limit how the machine can be used, right? I bet you think they removed the headphone jack out of courage too.
It's not a coincidence, it's computer science. The more control you let a third-party app have over things outside it's own user space, the more likely it is to cause system instability and to present a security risk.
Score: 7 Votes (Like | Disagree)
venom600 Avatar
82 months ago

"Sandboxing software is nothing to do with security"

You heard it here first folks. 🙄
So it is just a coincidence that the method of improving security they chose and continue to implement just happens to also reduce user control and limit how the machine can be used, right? I bet you think they removed the headphone jack out of courage too.
Score: 7 Votes (Like | Disagree)