Support for these is getting to be removed entirely from macOS to increase steadiness and security.
Apple has confirmed that future Mac computers powered by its chips won’t support kernel extensions within the least. this might further tighten macOS security and increase its stability.
Kernel Extensions Are Bad for Security
This was clarified in an updated version of Apple’s Platform Security Guide detailing the most recent security measures in iOS 14, iPadOS 14, macOS Big Sur, tvOS 14, and watchOS 7. It acknowledges that third-party kernel extensions are bad from a security standpoint.
In addition to enabling users to run older versions of macOS, Reduced Security is required for other actions which can put a user’s system security in peril, like introducing third-party kernel extensions.
The 196-page document, available on Apple Support and as a PDF document, explains that a third-party kernel extension has the same privilege due to the macOS kernel. As a result, any vulnerabilities found during a kernel extension can cause full OS compromise.
This is why developers are strongly encouraged to adopt system extensions before kernel extensions support is away from macOS for future Mac computers with Apple silicon.
Aside from the refreshed Apple Platform Security guide, the company also debuted a replacement Security Certifications and Compliance Center on its website, providing crucial security and privacy-related information about Apple hardware, software, and services.
macOS also includes a feature called System Integrity Protection that actively shields parts of your system from modification and blocks the installation of insecure extensions.
About macOS Kernel Extensions
In many operating systems, the kernel is that the central component with complete control over all the system resources. Always resident in memory, the kernel handles essential low-level operations like memory allocation, peripherals access, I/O requests, and more. It’s one of the first software components that load once you activate your Mac.
Kernel extensions permit developers to inject custom code into the macOS kernel, usually to enable compatibility with specific peripherals or to form very advanced apps. However, Apple not recommends using macOS kernel extensions.
macOS Catalina released quite two years ago was the last version of the Mac OS to support kernel extensions. Apple now provides system extensions on the way to extend macOS functionality without potentially compromising security.
Unlike kernel extensions, system extensions are protected in userspace rather than at the kernel level. System extensions have limited privileges because they run in userspace.
About macOS System Extensions
Here’s how Apple’s support document describes macOS system extensions:
System extensions add the background to extend the functionality of your Mac. Some apps install kernel extensions or kexts—a quiet system extension that works using older methods that aren’t as secure or reliable as modern alternatives. Your Mac identifies these as legacy system extensions.
A system extension may seek user permission before it’s loaded. Therein case, the user are going to be asked to the security & Privacy preferences to allow the extension.
On a Mac with Apple silicon, you’ll first get to use Startup Security Utility to line the security policy to Reduced Security and choose the ‘Allow user management of kernel extensions from identified developers’ checkbox.
If your Mac is using an outdated third-party extension, you will see a system alert. Therein case, you need to reach bent its developer and inquiry about compatibility. Such outdated extensions need to be updated or are going to be incompatible with a future version of macOS.