Apple Updates Platform Security Guide, Says Kernel Extensions Won't Be Supported on Future Apple Silicon Macs

by

Apple today shared an updated version of its Platform Security Guide [PDF], providing a comprehensive overview of the latest security advancements across iOS 14, iPadOS 14, macOS Big Sur, tvOS 14, watchOS 7, and more.

apple devices mac iphone ipad watch collage
For example, the guide provides security details about Safari's optional Password Monitoring feature on iOS 14 and macOS Big Sur, which automatically keeps an eye out for any saved passwords that may have been involved in a data breach. Apple also outlines the security of its new digital car keys feature on the iPhone and Apple Watch.

Apple updated its "commitment to security" preamble, touting the security advantages of Apple-designed chips across the iPhone, iPad, Apple Watch, and Mac:

Apple continues to push the boundaries of what's possible in security and privacy. This year Apple devices with Apple SoC's across the product lineup from Apple Watch to iPhone and iPad, and now Mac, utilize custom silicon to power not only efficient computation, but also security. Apple silicon forms the foundation for secure boot, Touch ID and Face ID, and Data Protection, as well as system integrity features never before featured on the Mac including Kernel Integrity Protection, Pointer Authentication Codes, and Fast Permission Restrictions. These integrity features help prevent common attack techniques that target memory, manipulate instructions, and use javascript on the web. They combine to help make sure that even if attacker code somehow executes, the damage it can do is dramatically reduced.

New sections have been added for Macs with Apple silicon, outlining the security of the boot process, boot modes, startup disk, Rosetta 2 translation process for running Intel-based Mac apps, FileVault, Activation Lock, and more.

As expected, the guide confirms that kernel extensions will not be supported on future Macs with Apple silicon (emphasis ours):

In addition to enabling users to run older versions of macOS, Reduced Security is required for other actions that can put a user's system security at risk, such as introducing third-party kernel extensions (kexts). Kexts have the same privileges as the kernel, and thus any vulnerabilities in third-party kexts can lead to full operating system compromise. This is why developers are being strongly encouraged to adopt system extensions before kext support is removed from macOS for future Mac computers with Apple silicon.

macOS Catalina was the last version of macOS to fully support kernel extensions. Apple says kernel extensions are no longer recommended for macOS, noting that they pose a risk to the integrity and reliability of the operating system.

Starting with macOS Catalina, developers have been able to use system extensions that run in user space rather than at the kernel level. System extensions running in user space are granted only the privileges necessary to perform their specified function, which increases the stability and security of macOS, according to Apple.

Apple includes a document revision history section in the Platform Security Guide with a list of all new and updated information.

Apple also has a new Security Certifications and Compliance Center.

Tag: Apple Security

Popular Stories

iOS 26

iOS 26.4 and iOS 27 Features Revealed in New Leak

Friday December 12, 2025 10:56 am PST by
Macworld's Filipe Espósito today revealed a handful of features that Apple is allegedly planning for iOS 26.4, iOS 27, and even iOS 28. The report said the features are referenced within the code for a leaked internal build of iOS 26 that is not meant to be seen by the public. However, it appears that Espósito and/or his sources managed to gain access to it, providing us with a sneak peek...
Read Full Article89 comments
apple beta 26 lineup

Apple Leak Confirms Work on Foldable iPhone, AirTag 2, and Dozens More Devices

Monday December 15, 2025 2:05 pm PST by
Last week, details about unreleased Apple devices and future iOS features were shared by Macworld. This week, we learned where the information came from, plus we have more findings from the leak. As it turns out, an Apple prototype device running an early build of iOS 26 was sold, and the person who bought it shared the software. The OS has a version number of 23A5234w, and the first...
Read Full Article55 comments
Apple Foldable Thumb

Leak Reveals Foldable iPhone Details

Monday December 15, 2025 9:09 am PST by
The first foldable iPhone will feature a series of design and hardware firsts for Apple, according to details shared by the Weibo leaker known as Digital Chat Station. According to a new post, via machine translation, Apple is developing what the leaker describes as a "wide foldable" device, a term used to refer to a horizontally oriented, book-style foldable with a large internal display....
Read Full Article139 comments
iOS 26

Apple Releases iOS 26.2 With Alarms for Reminders, Lock Screen Changes, Enhanced Safety Alerts and More

Friday December 12, 2025 10:10 am PST by
Apple today released iOS 26.2, the second major update to the iOS 26 operating system that came out in September, iOS 26.2 comes a little over a month after iOS 26.1 launched. ‌iOS 26‌.2 is compatible with the ‌iPhone‌ 11 series and later, as well as the second-generation ‌iPhone‌ SE. The new software can be downloaded on eligible iPhones over-the-air by going to Settings >...
Read Full Article111 comments
Apple Logo Top Half

Early iOS 26 Software Leak Uncovers Dozens of Upcoming Apple Features

Monday December 15, 2025 3:05 pm PST by
Software from an iPhone prototype running an early build of iOS 26 leaked last week, giving us a glimpse at future Apple devices and iOS features. We recapped device codenames in our prior article, and now we have a list of some of the most notable feature flags that were found in the software code. In some cases, it's obvious what the feature flags are referring to, while some are more...
Read Full Article22 comments
iOS 26

iOS 26.2 Coming Soon With These 8 New Features on Your iPhone

Thursday December 11, 2025 8:49 am PST by
Apple seeded the second iOS 26.2 Release Candidate to developers earlier this week, meaning the update will be released to the general public very soon. Apple confirmed iOS 26.2 would be released in December, but it did not provide a specific date. We expect the update to be released by early next week. iOS 26.2 includes a handful of new features and changes on the iPhone, such as a new...
Read Full Article82 comments
macOS Tahoe 26 Thumb

Apple Releases macOS Tahoe 26.2 With Edge Light

Friday December 12, 2025 10:08 am PST by
Apple today released macOS Tahoe 26.2, the second major update to the macOS Tahoe operating system that came out in September. macOS Tahoe 26.2 comes five weeks after Apple released macOS Tahoe 26.1. Mac users can download the macOS Tahoe update by using the Software Update section of System Settings. macOS Tahoe 26.2 includes Edge Light, a feature that illuminates your face with soft...
Read Full Article98 comments
AirPods Pro Firmware Feature

Apple Releases New Firmware for AirPods Pro 2 and AirPods Pro 3

Thursday December 11, 2025 11:28 am PST by
Apple today released new firmware designed for the AirPods Pro 3 and the prior-generation AirPods Pro 2. The AirPods Pro 3 firmware is 8B30, up from 8B25, while the AirPods Pro 2 firmware is 8B28, up from 8B21. There's no word on what's include in the updated firmware, but the AirPods Pro 2 and AirPods Pro 3 are getting expanded support for Live Translation in the European Union in iOS...
Read Full Article68 comments

Top Rated Comments

chucker23n1 Avatar
chucker23n1
63 months ago
"Apple continues to push the boundaries of what's possible in security and privacy."

I mean, sure, yes. But also: "Apple continues to reduce the ceiling of what's possible in macOS."
Score: 28 Votes (Like | Disagree)
asiga Avatar
asiga
63 months ago
At the end, their goal is that MacOS is just iPadOS with Terminal and Xcode.
Score: 26 Votes (Like | Disagree)
jameslmoser Avatar
jameslmoser
63 months ago
Anyone surprised by this hasn't been paying attention. Apple is transforming Macs into Apple Service Appliances, and allowing you to customize your OS and install stuff from other places than the App store or developer signed Apps doesn't make them any money.
Score: 16 Votes (Like | Disagree)
aednichols Avatar
aednichols
63 months ago
Herding developers to run app code in userspace instead of the kernel is just a good idea in general.

I've already been avoiding kext-based apps where possible for years.
Score: 16 Votes (Like | Disagree)
leman Avatar
leman
63 months ago
Anyone surprised by this has not been following macOS development for the last couple of years. Kernel extensions are out, userland drivers are in.


I mean, sure, yes. But also: "Apple continues to reduce the ceiling of what's possible in macOS."
If DriverKit supports enough relevant use cases, I don't see a problem.


Apple is inching MacOS to full Mach, which would be awesome... killing kernel extensions before having third-party GPU support will be interesting. What is old is new again https://en.wikipedia.org/wiki/MkLinux
There won't be any third party GPU support on Apple Silicon. Why would Apple sabotage the developer and user experience ecosystem they have been painstakingly bulding?


VirtualBox
Made irrelevant by the new virtualization framework. Parallels Preview runs on M1 without any kernel extensions.
Score: 14 Votes (Like | Disagree)
jrlcopy Avatar
jrlcopy
63 months ago
Umm.... that's like a decent amount of professional apps.
Score: 8 Votes (Like | Disagree)
Read All Comments