This post has been republished via RSS; it originally appeared at: Intune Customer Success articles.
We were recently alerted that some macOS devices may turn non-compliant after upgrading to macOS 15 if Stealth Mode is enabled in a device compliance policy. This setting is in the macOS compliance policy located under System Security. When stealth mode is enabled, the Mac devices do not respond to either “ping” requests or connection attempts from a closed TCP or UDP network. Stealth mode can be configured through compliance policy or by configuring firewall through the settings catalog.
After devices upgrade to macOS 15, they may report a non-compliant status with the Enable stealth mode setting showing an error:
Workaround
If you're experiencing an issue where the device turns non-compliant after upgrading to macOS 15, you can mitigate this by configuring the Stealth Mode setting to be Not configured for devices running macOS 15 and later:
If you set Stealth Mode to Not configured in your device compliance policy, you can still enable Stealth Mode by configuring a device configuration policy to enable stealth mode on the device. This setting is located in the macOS settings catalog under Networking > Firewall:
Additionally, if you want to prevent devices from upgrading to macOS 15, you can configure software update delay restrictions in the settings catalog. This will delay macOS 15 from being offered on devices for a specified period of time:
We’ll continue to update this post as new information becomes available. If you have questions or comments for the Intune team, reply to this post or reach out on X @IntuneSuppTeam.