Apple has pushed new updates to both XProtect and the Malware Removal Tool, bringing the former to version number 2149; and the latter to version 1.81. Both updates are dated June 28, 2021.
Apple introduced rule MACOS.54d6414, which prevents a variant of the Shlayer malware that is a dropper for the Bundlore adware. The other updates to XProtect come to rule MACOS.11eaac1 (VindInstaller.B) and the expansion of two rules that target the XCSSET malware - MACOS.1db9cfa and MACOS.6eaea4.
This is a continuation of Apple’s commitment to preventing XCSSET malware, which has continued to gain attention as it quickly adapts and changes.
Apple appeared to skip MRT 1.80, going straight to version 1.81. No additional data about the update to MRT is available at this time.
Jamf Protect is purpose-built to work with Apple’s native security tools, while also adding the capability of detecting and mitigating a wider range of known malware. Additionally, it provides alerting and reporting capabilities – including the identification of potential new threats — before new updates to XProtect and/or MRT may be available.