Endpoint Security for Mac 10.x Known Issues

Technical Articles ID: KB85855
Last Modified: 2023-10-06 13:14:58 Etc/GMT

Environment

Endpoint Security for Mac (ENSM) Firewall 10.x
ENSM Threat Prevention 10.x
ENSM Web Control 10.x

For ENSM-supported platforms, see KB84934 - Supported platforms for Endpoint Security for Mac.

Summary

Recent updates to this article

Date	Update
October 6, 2023	Made the following changes: Corrected the release date to April 26, 2023 for ENSM 10.7.9 in the "ENSM product release information" section. Updated issue ENSM-5366 with resolution details in the "Critical known issues" section. Updated issues ENSM-5607, ENSM-4877, ENSM-5372, ENSM-5292, ENSM-5261, and ENSM-5131 with resolution details in the "Non-critical known issues" section. Removed issues ENSM-5339, ENSM-5367, and ENSM-5340 from the "Non-critical known issues" section.
October 3, 2023	Added release information for version 10.7.9 in the "ENSM product release information" section.
September 26, 2023	Added known issues related to macOS 14 Sonoma on ENSM 10.7.9.
April 27, 2023	Added 10.7.9 Release Information.

To receive email notification when this article is updated, click Subscribe on the right side of the page. You must be logged on to subscribe.

Contents
Click to expand the section you want to view:

ENSM product release information

Issue resolutions in updates and major releases are cumulative; Technical Support recommends that you install the latest version. To find the most recent release for your product, go to the Product Downloads site.

ENSM Version	Release to Support (RTS)	General Availability (GA)	Release Notes
10.7.9 (Refreshed Build)	N/A	September 26, 2023	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.7.9	N/A	April 26, 2023	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.7.8	N/A	October 12, 2021	Release Notes (ENSM)
10.7.7	N/A	June 22, 2021	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.7.6	N/A	March 9, 2021	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.7.5	N/A	November 10, 2020	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.7.1	N/A	September 8, 2020	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.7.0	N/A	June 9, 2020	Release Notes
10.6.10	N/A	August 11, 2020	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.6.9	N/A	May 7, 2020	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.6.8	N/A	January 14, 2020	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.6.7	N/A	November 12, 2019	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.6.6	N/A	October 8, 2019	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.6.5	N/A	September 10, 2019	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.6.4	N/A	August 13, 2019	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.6.3	N/A	July 2, 2019	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.6.2	N/A	May 14, 2019	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.6.1	N/A	April 9, 2019	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)
10.6.0	N/A	March 12, 2019	Release Notes (ENSM) Release Notes (ENSM Threat Prevention)

Critical known issues

Reference Number	Related Article	Found ENSM Version	Resolved ENSM Version	Issue Description
ENSM-5590		10.7.9	10.7.9 (Refreshed Build)	Issue: [macOS14Sonoma] Threat Prevention crashing on ENSM 10.7.9 Resolution: This issue is resolved in ENSM 10.7.9 refreshed build.
ENSM-5366		10.7.8	N/A	Issue: [macOS13Ventura] Full Disk Access not honored after you upgrade macOS from Monterey to Ventura with ENSM 10.7.8 in-place. Threat Prevention is disabled until the privacy settings are removed and added back. This issue doesn't affect authorization granted via MDM. Workaround: Remove the settings manually and add them back. IMPORTANT: Apple has identified this as a known issue (100857507) with macOS 13 Ventura. For more information, see the macOS Ventura 13.1 Beta Release Notes. Resolution: Apple has the fix included from macOS 13.1 and later.
ENSM-5368		10.7.8		Issue: [macOS13Ventura] Highlighting the ScanNow option doesn't show the scan options. Workaround: Launch the console and click Scan Now before proceeding with other UI elements in the dashboard. Alternatively, use the New Activity or (+) to create/schedule an on-demand scan.

Non-critical known issues

Reference Number	Related Article	Found ENSM Version	Resolved ENSM Version	Issue Description
ENSM-5607		10.7.9	10.7.9 (Refreshed Build)	Issue: [macOS14Sonoma] You are unable to start the applications from the Menulet and the Menulet disappears when clicked. Only affects ARM-based machines (Silicone Chipsets including M1, M2, etc.) Workaround: You can start the application from the /Applications folder. Resolution: This issue is resolved in ENSM 10.7.9 refreshed build.
ENSM-5440		10.7.9		Issue: You can't run the MER tool from the Help menu. Workaround: Run the MER tool from the command-line.
ENSM-5386		10.7.9		Issue: [macOS13Ventura] ScanNow Scan status disappears when ScanNow is in progress when you move to a different tab. Workaround: Any present infection in the destination folder being scanned is still detected, and the infection details are logged in Events, logs, and the Recent Events database.
ENSM-4877		10.7.8	10.7.9	Issue: Search annotations fail to indicate the safety rating icon next to each site listed by the search engine. Resolution: This issue is resolved in ENSM 10.7.9.
ENSM-5372		10.7.8	10.7.9	Issue: An empty block page is displayed when blocking certain web pages. Resolution: This issue is resolved in ENSM 10.7.9.
ENSM-5355		10.7.8		Issue: Certain categories available as part of the Web Categories under Content Actions Policy isn't blocked. Resolution: We're investigating this issue.
ENSM-5292		10.7.8	N/A	Issue: There's a compatibility issue with USB-C Ethernet and the System Extension framework predominantly on Apple M1 Max/Pro chipset running Monterey macOS 12.x. NOTE: The issue is raised with Apple as it can be seen with the Sample System Extension framework. We're working closely with Apple as part of Apple defect FB9873934. Resolution: Apple has the fix included from macOS 12.4 and later.
ENSM-5261		10.7.7	10.7.9	Issue: There's a vShield Scanner crash during the upgrade of the latest Mac engine. This crash occurs only once and there's no functionality loss due to the crash. Resolution: This issue is resolved in ENSM 10.7.9.
ENSM-5131		10.7.8	10.7.9	Issue: You're unable to start the applications from the Menulet application on M1 and M2 Monterey and Ventura systems. Workaround: You can start the application from the /Applications folder. Resolution: This issue is resolved in ENSM 10.7.9.
ENSM-4940		10.7.6	10.7.7	Issue: A Scan Engine 6300 upgrade fails with ENSM 10.7.6. Resolution: This issue is resolved in ENSM 10.7.7.
ENSM-4750		10.6.x	10.7.x	Issue: The 5-digit V2 DAT update fails with ENSM 10.6.x. Resolution: This issue is resolved in ENSM 10.7.x.
ENSM-4738		10.7.5	10.7.7	Issue: Sometimes, kernel panics occur on macOS Catalina when the system resumes from sleep with ENSM Firewall 10.7.5 or 10.7.6. Resolution: Install or upgrade to ENSM 10.7.7, which addresses this issue only on macOS Catalina. This issue is fixed in macOS BigSur.
ENSM-4678		10.7.5	10.7.6	Issue: Traffic doesn't match the rule when the port number and port range are specified in the same rule in a policy. Resolution: This issue is resolved in ENSM 10.7.6.
ENSM-4542		10.7.5	10.7.6	Issue: ENSM Firewall can't coexist with Cisco AnyConnect VPN and CrowdStrike Falcon network extensions. Resolution: This issue is resolved in ENSM 10.7.6.
ENSM-4759		10.7.5		Issue: Changes made to the Firewall Catalog don't take effect on macOS endpoints unless you edit and save the policy. Workaround: Edit and save the policy before you enforce the updated policy.
ENSM-4672 ENSM-4533 ENSM-4333 ENSM-4332		10.7.0	10.7.6	Issue: The ENSM Threat Prevention on-demand scan process crashes while executing. Resolution: This issue is resolved in ENSM 10.7.6.
ENSW-101862	KB85855	10.7.0	10.7.0 September 2020 Update 10.6.1 September 2020 Update	Issue: When you create firewall rules within the ENSM Firewall Rules policy, under the Application section, it states (Windows only). Per KB85005 - Comparison of Endpoint Security Firewall features supported on Windows, Linux, and Macintosh, the Applications functionality for firewall rules works for the ENSM Firewall product. But, the "Mac" label is missing. Under the Firewall Rules policy menu, the correct statement would be Applications (Windows and Mac only). Workaround: The Applications functionality within a firewall rule works for both Windows and macOS ENS clients. Create an Application, define the Executable, and specify the path/filename details of the macOS application using the Name and File Name or Path fields. Resolution: This issue is resolved in the ENS 10.6.1/10.7.0 September 2020 Update extensions. See the related article for more information.
ENSM-3617 ENSM-3622		10.7.0 10.6.5	10.7.1 10.6.10	Issue: A Scan Engine 6100 upgrade fails with ENSM. Resolution: This issue is resolved in ENSM 10.6.10 and ENSM 10.7.1.
	KB92592	10.6.5	10.7.5	Issue: Starting with macOS Catalina 10.15.4, Apple displays the notification shown below when our applications load system extensions on the macOS system. macOS systems display the message when a legacy system extension is loaded for the first time. It also periodically displays the message while the extension remains in use: Legacy System Extension Existing software on your system loaded a system extension signed by "McAfee, Inc." which will be incompatible with a future version of macOS. Contact the developer for support. Resolution: ENSM 10.7.5 is the version that has transitioned away from the legacy system extensions to the new Endpoint Security APIs and network extension. For earlier versions of ENSM, click OK and close the Legacy System Extension notification. The notification doesn't impact product functions. See the related article for more information.
ENSM-1503		10.6.5	10.6.6	Issue: Threat Prevention, running in Kextless mode, doesn't function correctly when upgrading from macOS 10.14 to macOS 10.15 on some systems. Resolution: This issue is resolved in ENSM 10.6.6.
ENSM-1447	KB90888	10.6.5		Issue: The user interface of the following products isn't listed in the console when installing with ENSM 10.6.5. Data Loss Prevention 11.3.0 Management of Native Encryption 4.1.5 McAfee Client Proxy 2.3.6 For more information, see KB90888 - macOS compatibility with McAfee Enterprise products.
ENSM-1438		10.6.5	10.6.6	Issue: The Minimum Escalation Requirements (MER) tool isn't invoked correctly when run from the Help menu of ENSM. Workaround: Run the MER tool from the command line as described in KB87626 - Collect Minimum Escalation Requirements for Endpoint Protection for Mac, Endpoint Security for Mac, or VirusScan for Mac. Resolution: This issue is resolved in ENSM 10.6.6.
MA-7463	KB92888	10.6.2	McAfee Agent 5.6.2 Hotfix 1, 5.6.3 Hotfix 3, 5.6.4 Hotfix 3, 5.6.5 Hotfix 2	Issue: A Scan Engine upgrade fails on the system when an outdated Scan Engine is present. Resolution: This issue is resolved in McAfee Agent 5.6.2 Hotfix 1, 5.6.3 Hotfix 3, 5.6.4 Hotfix 3, and 5.6.5 Hotfix 2. See the related article for more information.
ENSM-788		10.6.1		Issue: When a product deployment fails, two client events with ID 2412 are generated for the system.
ENSM-708		10.6.0	10.6.1	Issue: An attempt to load com.McAfee.FileCore.kext happens during an ENSM Threat Prevention upgrade even if the system doesn't have user consent to load the kext. The appropriate experience matches the behavior described in KB89728 - End-user experience when installing Endpoint Security for Mac on macOS High Sierra 10.13 and later. Resolution: This issue is resolved in ENSM 10.6.1.
ENSM-680		10.6.0	As Designed	Issue: The user on the macOS system must approve the FileCore extension again to load on the system. The reason is because the earlier approval for com.intelsecurity.FileCore.kext isn't valid for the renamed kext: com.McAfee.FileCore.kext. Resolution: This behavior is as designed. The user needs to open System Preferences, Security & Privacy and click Allow for the kernel extension to load on the system.
ENSM-689		10.6.0	10.6.1	Issue: Wild cards are enforced and displayed in the client preferences user interface. But, wild cards aren't supported in firewall rules. Resolution: This issue is resolved in ENSM 10.6.1.
ENSM-683		10.6.0	10.6.1	Issue: After you disable ENSM Web Control from ePolicy Orchestrator (ePO), the menulet shows a yellow exclamation point. This issue doesn't occur when you disable ENSM Threat Prevention and ENSM Firewall from ePO. Resolution: This issue is resolved in ENSM 10.6.1.
1266150		10.6.0		Issue: Editing a repository name on the Update preferences Repository List tab of the local client user interface adds a duplicate entry with the new name. But, it retains the repository entry with the older name. Workaround: Delete the older repository from the user interface.
1265479		10.6.0		Issue: The Repository List tab in the Update preferences of the local client user interface doesn't list the Repository URL of the ePO Spipe repository.
1259847		10.6.0	DLP Endpoint 11.1.0 Hotfix 3	Issue: On a macOS system running ENSM, installation of Data Loss Prevention Endpoint (DLP Endpoint) 11.1.0.45 downgrades certain common components used by ENSM. Workaround: Install DLP Endpoint 11.1.0.45 before you install ENSM. Resolution: This issue is resolved in DLP Endpoint 11.1.0 Hotfix 3.
1254777		10.6.0	10.6.2	Issue: Quarantined files that have unicode characters in their name don't display on the Quarantine screen. Resolution: This issue is resolved in ENSM 10.6.2.
1249594		10.6.0	As Designed	Issue: User interface elements of 32-bit managed products don't display in the ENSM 64-bit console. Resolution: This behavior is as designed. Upgrade the 32-bit managed products to their 64-bit variants. Only user interface elements of the managed products aren't loaded. All functional features of the products must work as expected, because 64-bit ENSM provides backward compatibility support for 32-bit managed products.
1250801		10.6.0	As Designed	Issue: Sometimes, the following message displays in macOS Mojave when the Minimum Escalation Requirements (MER) tool is invoked to collect MER logs: "McAfee Endpoint Security for Mac" would like to control the application "Terminal" Resolution: This behavior is as designed. With macOS Mojave, Apple changes the way applications try to access another application. If you see such a message, it's safe to approve the request for ENSM to control the Terminal.
1250488		10.6.0	As Designed	Issue: The ENSM console displays the following error message when ENSM Threat Prevention is uninstalled and Management of Native Encryption and Data Loss Prevention are left on the system: Your MAC is at Risk Resolution: This behavior is as designed. Upgrade the 32-bit managed products to their 64-bit variants. ENSM Threat Prevention must not be uninstalled before you uninstall other 32-bit managed products from the system.
1248901		10.6.0	As Designed	Issue: ENSM Threat Prevention on-access scan detection stops working after you upgrade any other ENSM module, such as Firewall or Web Control. Resolution: This behavior is as designed. When you upgrade ENSM from a previous version of the product, upgrade all modules of ENSM on the system.
1248528	KB92181	10.6.0	As Designed	Issue: Installation of the standalone package of McAfee Agent through the ENSM standalone installer package (.dmg) changes the existing McAfee Agent manageability status from managed to unmanaged. This issue occurs on systems where ePO manages ENS. Workaround: To install locally or use a third-party deployment method to deploy ENSM, follow the solution in KB92181 - McAfee Agent unmanaged after using standalone installer DMG. Resolution: This behavior is as designed. Perform ENSM upgrades on an ePO-managed system, from ePO through a deployment task.
1244716		10.6.0	As Designed	Issue: Sometimes, spin dumps are logged to System Reports in macOS Mojave, for the menulet and Endpoint Security for Mac application processes. Resolution: This behavior is as designed.
1219538		10.6.0	As Designed	Issue: On a macOS system running ENSM, on-demand scan policy settings don't display in the client UI. Resolution: This behavior is as designed.
1154900		10.6.0	As Designed	Issue: The Endpoint Security Web Control extension for the Safari browser isn't installed on a macOS Sierra 10.12 system. Resolution: This behavior is as designed. When you install the Endpoint Security Web Control extension, you must click Trust when prompted.

Related Information

KB85825 - Endpoint Security for Mac Threat Prevention 10.x Known Issues

KB90658 - Endpoint Security for Mac Adaptive Threat Protection 10.x Known Issues

To contact Technical Support, go to the Create a Service Request page and log on to the ServicePortal.

If you are a registered user, type your User ID and Password, and then click Log In.
If you are not a registered user, click Register and complete the fields to have your password and instructions emailed to you.

NOTE: Any future product functionality or releases mentioned in the Knowledge Base are intended to outline our general product direction and should not be relied on, either as a commitment, or when making a purchasing decision.

Knowledge Center

Endpoint Security for Mac 10.x Known Issues

Environment

Summary

Related Information

Previous Document ID ^(Secured)

Affected Products

Languages:

Title

Title

Knowledge Center

Endpoint Security for Mac 10.x Known Issues

Environment

Summary

Related Information

Previous Document ID (Secured)

Affected Products

Languages:

Choose your region

Title

Title

Previous Document ID ^(Secured)