Problems with malware protection in macOS: Bitdefender and Docker affected
While Docker files falsely triggered warnings, Bitdefender had a security issue in macOS.
(Image: created with AI in Bing Designer by heise online / dmk)
macOS users can run into problems with Docker installations. In addition, Bitdefender's malware protection has itself opened up a security vulnerability in Apple's operating system.
When using Docker Desktop on macOS, the operating system popped up malware warnings and blocked the launch of the software. In a blog post, the developers discuss the solutions to the problem. The URL for the support article, which explains the solution in detail, provides clues to the cause: “Cert Revoke Solution”.
Faulty signatures
Apparently, the Docker files were signed with a certificate that has since been revoked. As a result, macOS blocks execution and issues a malware warning if necessary. As a solution, those affected should preferably update Docker to version 4.37.2, ideally directly through the app, which of course does not work while the malware warning blocks it. However, Docker also provides patches for versions 4.32 to 4.36, which should solve the problem. Admins using an MDM solution or Homebrew Casks can also find help in the support article.
Meanwhile, Bitdefender has announced that its virus scanner for macOS has a genuine security vulnerability. Because the Bitdefender VirusScanner binary of the virus scanner for macOS lacks hardening for checking the signatures of runtime files or libraries, attackers can inject their own dynamic libraries (DYLD injection) without being blocked by AppleMobileFileIntegrity (AMFI) (CVE-2024-11128, CVSS 8.4, risk “high”).
With the update to version 3.18 of the Bitdefender virus scanner, the problem should be resolved. Anyone using Bitdefender under macOS should therefore check whether the software has actually installed the update automatically or whether a manual update is required, for example by installing over the existing version with the latest installer.
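The kind of hardening gap described above can be audited from a binary's code-signing metadata. The following is an added example, not code from Bitdefender, Docker or heise: it parses the text that `codesign -dv` prints and the entitlements plist, and reports whether the hardened runtime and library validation are in effect. The sample outputs and the `com.example.scanner` identifier are constructed, and the page does not state which specific flag was missing in the affected binary.

```python
import plistlib
import re

CS_REQUIRE_LV = 0x2000   # library validation requested in the signature
CS_RUNTIME = 0x10000     # hardened runtime (implies library validation)
DISABLE_LV = "com.apple.security.cs.disable-library-validation"
ALLOW_DYLD = "com.apple.security.cs.allow-dyld-environment-variables"

def audit_signature(codesign_text, entitlements_xml=b""):
    """Return hardening findings for one binary; an empty list means no gap found.

    codesign_text:    output of `codesign -dv PATH` (written to stderr)
    entitlements_xml: XML plist from `codesign -d --entitlements :- PATH`
    """
    m = re.search(r"^CodeDirectory .*\bflags=0x([0-9a-fA-F]+)", codesign_text, re.M)
    if m is None:
        return ["no CodeDirectory line: unsigned or unparsable"]
    flags = int(m.group(1), 16)
    ents = plistlib.loads(entitlements_xml) if entitlements_xml.strip() else {}
    runtime = bool(flags & CS_RUNTIME)
    findings = []
    if not runtime:
        findings.append("hardened runtime not enabled")
    if not (runtime or flags & CS_REQUIRE_LV):
        findings.append("library validation not enforced")
    elif ents.get(DISABLE_LV) is True:
        findings.append("library validation disabled by entitlement")
    if ents.get(ALLOW_DYLD) is True:
        findings.append("DYLD environment variables allowed by entitlement")
    return findings

# Constructed sample outputs (not taken from any real product).
WEAK = ("Executable=/Applications/Example.app/Contents/MacOS/Scanner\n"
        "Identifier=com.example.scanner\n"
        "CodeDirectory v=20400 size=812 flags=0x0(none) hashes=18+5 location=embedded\n")
HARDENED = WEAK.replace("flags=0x0(none)", "flags=0x10000(runtime)")
LV_OFF = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>com.apple.security.cs.disable-library-validation</key><true/>
</dict></plist>"""

if __name__ == "__main__":
    for name, args in [("weak", (WEAK,)), ("hardened", (HARDENED,)),
                       ("hardened, LV disabled", (HARDENED, LV_OFF))]:
        print(name, "->", audit_signature(*args) or "no gap found")
```

An empty result only means the signature requests these protections; it does not confirm that a given product version is patched, so the version check against 3.18 still applies.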
Security vulnerabilities opened up by the Bitdefender antivirus software on PCs last became known at the end of October last year. The developers had classified all five vulnerabilities as high risk.
(dmk)