Apple fixes bug breaking security software – but this Mac VPN remains affected

macOS 15 logo
(Image credit: Apple)

If you have already upgraded to the new macOS Sequoia, good news – you won't need to choose between usability and security anymore. At least, depending on the service you use.

About three weeks after the launch, Apple finally promised to have fixed a bug with its latest MacOS 15 update that was creating trouble with multiple security products. These included enterprise solutions like CrowdStrike, SentinelOne, and Microsoft Defender, as well as the best VPN and antivirus software tools for everyday use.

According to the Big Tech giant, macOS Sequoia 15.0.1 "improves compatibility with third-party security software," Apple wrote on its support page. Yet, while the security of the service has not been compromised, one of TechRadar's favorite Mac VPNs has confirmed that some "service issues" still occur. These are expected to be fixed with the upcoming 15.1 version (currently in beta), specifically issues with iMessage notifications when connected to a VPN.

Mixed results for Mac VPNs

The launch of Mac's new operating system Sequoia at the end of September likely angered many security providers, with CrowdStrike even suggesting its customers not to upgrade their devices – BleepingComputer reported at that time. Frustrated users especially took on Reddit to share their usability troubles and ask for a workaround.

In the realm of VPN software, people lamented connectivity issues such as iPhone Mirroring, iMessage and Facetime not working when connected to the VPN. In some cases, also the split tunneling function was reportedly down.

Interestingly, I noticed that not all VPN providers faced the same problems, with some services being not affected at all. With news of Apple supposedly fixing the bug – both Microsoft and Crwdstrike confirmed the issues are solved to TechCrunch – I then decided to contact some of TechRadar's top picks to have a better idea of what's happening. Needless to say, the responses were mixed.

Restoring Apple App Connectivity on macOS 15 While Using the VPN with the PIA Desktop macOS alpha from r/PrivateInternetAccess

NordVPN, ExpressVPN, Private Internet Access (PIA), and Mullvad all confirmed that Sequoia has caused issues with their service. Yet, while Mullvad and NordVPN told me that macOS 15.0.1 fixed their problems, ExpressVPN said the recent update did not resolve Apple service issues when using a VPN.

"The bug in macOS 15, which Apple has acknowledged in its initial release, continues to impact ExpressVPN for Mac users in the 15.0.1 update," Samuel Bultez, Head of Product at ExpressVPN told me. "This issue affects applications relying on Apple Push Notification Services. As a result, apps like iMessage, FaceTime, Reminders, Notes, and more were non-functional or affected once the VPN was connected."

Bultez explains the team came up with a temporary solution users can manually enable – a feature via Network Lock that allows macOS users to bypass their VPN, improving the functionality of iMessage and other apps.

The bug in macOS 15 continues to impact ExpressVPN for Mac users

Samuel Bultez, Head of Product at ExpressVPN

On the other hand, the likes of Surfshark, Windscribe, IPVanish, and Hide.me told me Sequoia did not impact their services at all, with VPN software working as expected even after the initial release.

According to Hide.me, however, Apple is nonetheless to blame for the connectivity troubles breaking down other security software.

"Apple is clearly not doing his homework when releasing OS updates that break third-party software," Sebastian Schaub, the company's CEO, told me. "Apple should overthink the yearly upgrade cycle and test new releases more thoroughly.”

Even more significantly, while the Windscribe VPN service wasn't affected, its sister DNS service (an open-source DNS daemon) did face some troubles following the OS upgrade.

"We did see issues related to incorrectly behaving firewall, blocking connections it should not have been blocking," Yegor Sak, CEO at Windscribe, told me. "This issue appears to be resolved, so that's good news."

What's behind these differences?

At this point, you might be wondering, how come some security services were affected and others were not? And, why is ExpressVPN still recording some issues after "the fix"? Again, providers had different views on the reason why this may be happening.

We already mentioned that, according to Hide.me, it's Apple to blame for the incidents with third-party security software. Well, IPVanish has a completely opposite view on the matter.

The team told me that anytime there's a new release – IPVanish engineers keep track of releases to know when they're coming – it starts testing the software on beta to spot any potential issues. This enabled them to notice that, with Sequoia, Apple changed the location for its network extensions tab (where the user has to agree to enable the VPN). All they had to do was change users' instructions.

"These are all standard engineering best practices. I don't think [bigger providers] should have gotten into any issues," Subbu Sthanu, Chief Commercial Officer for Consumer Security at Ziff Davis (IPVanish parent company) told me.

Similarly, Saulius Maslinskas, Surfshark's Chief Product Development Officer, told me that, due to Apple's update to the settings app, the team had to update the tutorials for setting up the VPN and antivirus. "We released a new version of the Surfshark macOS app 4.15.3 with the updated materials," he added.

VPN on laptop screen

A VPN, short for virtual private network, is security software that both encrypts internet connections and spoofs your real IP address location to keep your browsing anonymous, boost your online privacy, and grant you access to otherwise geo-restricted content. (Image credit: Shutterstock)

By contrast, ExpressVPN believes that the issue lies in differences with the VPN technical infrastructures – and usability troubles may be rather positive after all.

ExpressVPN’s Network Lock/Kill Switch solution employs a custom firewall for enhanced privacy and security, the provider explains. This approach ensures all traffic is routed through the VPN tunnel or blocked if the tunnel is not available. Issues with the Apple Push Notification Service effectively failed to route traffic to the VPN tunnel, subsequently blocking access to Apple servers.

"While this temporarily affected access to some Apple services, it is an accurate representation of our robust security measures that our VPN does not compromise on any traffic – even from Apple services," Bultez from Express told me. "On the other hand, we noted that some VPN providers, who remained unaffected, utilize Apple's Network Extension technology which automatically handles network routing and whitelists Apple’s servers – a potential privacy concern.”

In case you keep facing usability issues when using your Mac VPN even after the latest update, I recommend contacting your service provider to help you find a workaround.

Also, if you are an ExpressVPN user, no need to despair. There's a new update lined up which is supposed to fix also the issue with your chosen service.

"We have conducted early testing on the upcoming macOS 15.1 beta and found that it addresses issues with services like iMessage," said Bultez. "We are looking forward to its release."

TOPICS
Chiara Castro
Senior Staff Writer

Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life—wherever cybersecurity, markets and politics tangle up. She mainly writes news, interviews and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar Pro, TechRadar and Tom’s Guide. Got a story, tip-off or something tech-interesting to say? Reach out to chiara.castro@futurenet.com