macOS Big Sur 11.2 Beta 2 Removes Feature Letting Apple Apps Bypass Third-Party Firewalls and VPNs

by

macOS Big Sur 11.2 beta 2, which was released yesterday, eliminates a feature that allowed Apple apps bypass third-party firewalls, security tools, and VPN apps, according to reports from ZDNet and security researcher Patrick Wardle.

First Look Big Sur Feature2
macOS Big Sur 11 included a ContentFilterExclusionList that let Apple's apps like the App Store, Maps, iCloud, and more to avoid firewall and VPN apps that users had installed. These apps were not able to filter or inspect traffic for some built-in Apple apps.

Security researchers believed that the feature, found last October, was a major security risk as malware could be designed to latch on to a legitimate Apple app and bypass security software. Users who had VPNs installed also risked exposing their real IP address and location to Apple's apps.


Apple told ZDNet last year that the list was temporary and the result of a series of bugs related to the deprecation of network kernel extensions in macOS Big Sur. Apple has been addressing those bugs, and in the second beta of macOS Big Sur released yesterday, removed the ContentFilterExclusionList from the macOS code.

When macOS Big Sur 11.2 sees a release, Apple apps will be compatible with VPN apps and will no longer be able to bypass firewalls and other security tools.

Related Forum: macOS Big Sur

Popular Stories

iphone 17 models

No iPhone 18 Launch This Year, Reports Suggest

Thursday January 1, 2026 8:43 am PST by
Apple is not expected to release a standard iPhone 18 model this year, according to a growing number of reports that suggest the company is planning a significant change to its long-standing annual iPhone launch cycle. Despite the immense success of the iPhone 17 in 2025, the iPhone 18 is not expected to arrive until the spring of 2027, leaving the iPhone 17 in the lineup as the latest...
Read Full Article110 comments
Clicks Communicator Feature

'Clicks Communicator' Unveiled — Will You Carry This With Your iPhone?

Friday January 2, 2026 6:35 am PST by
The company behind the BlackBerry-like Clicks Keyboard accessory for the iPhone today unveiled a new Android 16 smartphone called the Clicks Communicator. The purpose-built device is designed to be used as a second phone alongside your iPhone, with the intended focus being communication over content consumption. It runs a custom Android launcher that offers a curated selection of messaging...
Read Full Article142 comments
apple intelligence black

Report: Apple's AI Strategy Could Finally Pay Off in 2026

Tuesday December 30, 2025 9:01 am PST by
Apple's restrained artificial intelligence strategy may pay off in 2026 amid the arrival of a revamped Siri and concerns around the AI market "bubble" bursting, The Information argues. The speculative report notes that Apple has taken a restrained approach with AI innovations compared with peers such as OpenAI, Google, and Meta, which are investing hundreds of billions of dollars in data...
Read Full Article199 comments
duolingo ad live activity

Duolingo Used iPhone's Dynamic Island to Display Ads, Violating Apple Design Guidelines

Friday January 2, 2026 1:36 pm PST by
Language learning app Duolingo has apparently been using the iPhone's Live Activity feature to display ads on the Lock Screen and the Dynamic Island, which violates Apple's design guidelines. According to multiple reports on Reddit, the Duolingo app has been displaying an ad for a "Super offer," which is Duolingo's paid subscription option. Apple's guidelines for Live Activity state that...
Read Full Article53 comments
apple fitness 2026 1

Apple Teases 'Something Big' Coming Soon to Apple Fitness+

Tuesday December 30, 2025 2:11 pm PST by
The Apple Fitness+ Instagram account today teased that the service has "big plans" for 2026. In a video, several Apple Fitness+ trainers are shown holding up newspapers with headlines related to Apple Fitness+. What's Apple Fitness+ Planning for the New Year? Something Big is Coming to Apple Fitness+ The Countdown Begins. Apple Fitness+ 2026 is Almost Here 2026 Plans Still Under ...
Read Full Article121 comments
Mac Pro Feature Blue

What's Happening With the Mac Pro?

Wednesday December 31, 2025 9:59 am PST by
Apple hasn't updated the Mac Pro since 2023, and according to recent rumors, there's no update coming in the near future. In fact, Apple might be finished with the Mac Pro. Bloomberg recently said that the Mac Pro is "on the back burner" and has been "largely written off" by Apple. Apple apparently views the more compact Mac Studio as the ideal high-end pro-level desktop, and it has almost...
Read Full Article249 comments
macbook air march 2020

Apple Says Final Intel MacBook Air and Apple Watch Series 5 Now 'Vintage'

Wednesday December 31, 2025 8:39 am PST by
Apple today added the final 13-inch MacBook Air powered by Intel processors, the Apple Watch Series 5, and additional products to its vintage products list. The iPhone 11 Pro was also added to the list after the iPhone 11 Pro Max was added back in September. The full list of products added to Apple's vintage and obsolete list today: MacBook Air (Retina, 13-inch, 2020) iPhone 8 Plus 128GB ...
Read Full Article83 comments
Apple Fitness Plus hero

Apple Announces New Fitness+ Workout Programs, Strava Challenge, and More

Friday January 2, 2026 6:43 am PST by
Apple today announced a number of updates to Apple Fitness+ and activity with the Apple Watch. The key announcements include: New Year limited-edition award: Users can win the award by closing all three Activity Rings for seven days in a row in January. "Quit Quitting" Strava challenge: Available in Strava throughout January, users who log 12 workouts anytime in the month will win an ...
Read Full Article54 comments

Top Rated Comments

hortod1 Avatar
hortod1
65 months ago
The older I get the more this might as well be a foreign language

<sigh>
Score: 10 Votes (Like | Disagree)
sideshowuniqueuser Avatar
sideshowuniqueuser
65 months ago
'We have another candidate for our "Is This A Feature Or Is This A Bug?" bingo.'

Ha ha that cracks me up!
Score: 7 Votes (Like | Disagree)
BWhaler Avatar
BWhaler
65 months ago
It should have always been this way, but I’m pleased Apple is making the appropriately change quickly. Thank you.
Score: 7 Votes (Like | Disagree)
chucker23n1 Avatar
chucker23n1
65 months ago

The older I get the more this might as well be a foreign language

<sigh>
Apple recently started requiring third party software who want to control network traffic (such as firewalls) to intercept it a different way. They documented and explained the new way, and it's been mostly fine. However, they then exempted some of their own software from this new way.

A security researcher example: they want to observe how an app communicates with the network, how its behavior changes when they limit some of that communication, etc. They weren't able to do that with some of Apple's apps. For example, if App Store or Find My had a security bug related to network communication, they would have a hard time finding out. Not only can they not control the traffic from those services, they can't even see it.

A more general-purpose example: you're on cellular (or some other metered connection), and use an app like Trip Mode to limit data usage. Well, you can't see the data some of Apple's stuff uses. App Store or Software Update download a large update in the background? Trip Mode won't be able to tell you.

There were probably some reasons Apple did all this in the first place (for example, one might argue that macOS needs to be able to download updates to Xprotect malware definitions no matter what), but there's also a fair bit of hubris involved. It feels like once they did decide to make that exemption list, all kinds of software teams internally signed up to be added, and that's just opening the floodgates for trouble.

Anyway, all this, it appears, is now resolved.
Score: 5 Votes (Like | Disagree)
-BigMac- Avatar
-BigMac-
65 months ago
Apple allowed to bypass firewalls/security software?

What an unfortunate “bug” this mustve been for Apple before it was found ;)
Score: 5 Votes (Like | Disagree)
Apple_Robert Avatar
Apple_Robert
65 months ago

Excellent news - been aching to move to Big Sur (love the place - LOL) but holding back until VPN's would function there (plus other Objective see tools) - wife is itching to do so for work and will do so as soon as the update to 11.2 is out.
SurfShark is the only brand name VPN I have seen with Silicon support thus far. Nord and PIA are dragging their software heels.
Score: 3 Votes (Like | Disagree)
Read All Comments