Jamf Blog
Top page tear revealing the word
August 23, 2021 by Stuart Ashenbrenner

Apple updates XProtect and MRT

Apple's latest updates to XProtect and MRT bring XProtect to version 2151 and MRT to 1.82.

September 24, 2021

Apple has pushed new updates to XProtect, bringing the version to number 2151. This update is dated for September 24, 2021.

Apple updated rule MACOS_8032420, which prevents variants of the adware dubbed Genieo (MaxOfferDeal). Apple improved coverage for this rule by adding a single line to the signature for MACOS_8032420. This rule was originally introduced in XProtect version 2123 and was last updated in version 2136.

These are the first updates made to XProtect since August 23, 2021.

August 23, 2021

Apple has pushed new updates to both XProtect and Malware Removal Tool, bringing the former to version number 2150; and the latter to version 1.82. Both updates are dated August 23, 2021.

Apple introduced rule MACOS.7c241b4, which prevents variants of the common adware dubbed Climpli (Adload). A related rule, MACOS.2afe6bd (Climpli/Adload), which was added in v2141, was also updated. Other updates to XProtect come to rule MACOS.f5d33c9 and MACOS.8a20735 (both Bundlore), which were previously named MACOS.ef3df25 and MACOS.a9ea9b4, respectively.

These are the first updates made to either XProtect or MRT since June 28, 2021.

No additional data about the update to MRT is available at this time.

June 28, 2021

Apple has pushed new updates to both XProtect and the Malware Removal Tool, bringing the former to version number 2149; and the latter to version 1.81. Both updates are dated June 28, 2021.

Apple introduced rule MACOS.54d6414, which prevents a variant of the Shlayer malware that is a dropper for the Bundlore adware. The other updates to XProtect come to rule MACOS.11eaac1 (VindInstaller.B) and the expansion of two rules that target the XCSSET malware - MACOS.1db9cfa and MACOS.6eaea4.

This is a continuation of Apple’s commitment to preventing XCSSET malware, which has continued to gain attention as it quickly adapts and changes.

Apple appeared to skip MRT 1.80, going straight to version 1.81. No additional data about the update to MRT is available at this time.

Jamf Protect is purpose-built to work with Apple’s native security tools, while also adding the capability of detecting and mitigating a wider range of known malware. Additionally, it provides alerting and reporting capabilities – including the identification of potential new threats — before new updates to XProtect and/or MRT may be available.

Secure your endpoints today against the latest threats affecting macOS

while also adding the capability of detecting and mitigating a wider range of known malware.

Browse Blog
by Category:
Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.