Apple released an updated version of its’Platform Security Guide, ‘which provides a comprehensive overview of the latest security changes and enhancements in the company’s software ecosystems.
The guide details the changes in iOS 14, iPadOS 14, macOS, Big Sur, tvOS 14, watchOS 7, and more.
MacRumors posted a breakdown of the changes to the guide. For example, the guide includes security details about Safari’s password monitoring feature. Available in iOS 14 and macOS Big Sur, Password Monitoring automatically checks if saved passwords may have been exposed in a data breach.
Additionally, Apple outlined the security benefits of its new M1 chip, touching on the boot process, boot modes, boot disk, Rosetta 2 translation process, FileVault, Activation Lock, and more.
Perhaps the most significant new addition covered in the guide is that Apple finally confirmed that it would stop supporting kernel extensions in future versions of macOS. Kernel extensions, or ‘kexts’, run with kernel privileges instead of user privileges. The kernel is essentially the core of a computer’s operating system and controls the entire computer. Thanks to the high privilege of kexts, Apple notes that they present a significant security flaw if users run a compromised kext on their system.
Although to be expected, the official confirmation in the Platform Security Guide will encourage developers to move to the new, more secure system extensions. System extensions, unlike kexts, run at the user’s privilege level. Apple says this helps increase the stability and security of macOS.
macOS Catalina was the last version of macOS to fully support kexts, according to MacRumors. The new Platform Security Guide advises developers to switch to system extensions “before macOS kext support is removed for future Apple Silicon Mac computers.”
Those interested can consult the Apple Platform Security Guide here.