Jump to content
FrankMartin

Code Signature Mismatch (Little Snitch)

Recommended Posts

See the explanation here: 

 

Share this post


Link to post
Share on other sites

Frank,

There was a problem with the code signature that was fixed in Malwarebytes for Mac version 3.0.2. However, just in the last couple days, we've seen a handful of people with a similar problem. Can you verify if you're using version 3.0.1, or a newer version? If you're not sure, open the Malwarebytes app and choose About Malwarebytes from the Malwarebytes menu.

If you're using 3.0.2 or 3.0.3, please let me know if you're willing to provide some additional information. Thus far, we're seeing that the RTProtectionDaemon app on the affected systems is byte-for-byte identical to the official copies, and we haven't been able to reproduce the issue on any of our systems here.

Share this post


Link to post
Share on other sites

We haven't seen any other cases since that single short period last week, and only a handful then. We've been able to verify that the code signature of the RTProtectionDaemon on the affected machines is correct and valid. We're not sure exactly what happened, but I'm leaning towards thinking this was a temporary Little Snitch bug that has been fixed.

Share this post


Link to post
Share on other sites

I have this problem now on High Sierra, Little snitch version 4.04 and Malwarebytes 3.1.1..505. Started this morning.

Share this post


Link to post
Share on other sites

We've seen some cases where, following a Malwarebytes update from the older version that had the code signing issue, macOS does not refresh a kernel cache that can result in this problem. If you restart your computer, it should clear it up.

Share this post


Link to post
Share on other sites

I also just encountered the same issue with version 3.1.1.505 and Little Snitch 4.0.4 on Sierra 10.12.6. I will try a restart.

Share this post


Link to post
Share on other sites

in continuum, just experienced the same.  running sierra 10.13.1, malwarebytes 3.1.1.505, little snitch 4.05 (kernel 5116).  presented with the exception indicating code signature mismatch.  restarting without modifying any rules and issue appears to have gone away.  will monitor.

Share this post


Link to post
Share on other sites

Hello, this issue is still happening. I had it with Little Snitch 4.05 and also now with Little Snitch 4.1.3 nightly (kernel 5180).

macOS 10.13.6 High Sierra

 

Edited by geekiemac

Share this post


Link to post
Share on other sites
On 7/14/2018 at 8:58 AM, geekiemac said:

Hello, this issue is still happening. I had it with Little Snitch 4.05 and also now with Little Snitch 4.1.3 nightly (kernel 5180).

macOS 10.13.6 High Sierra

At this point, if you're using the latest version of Malwarebytes for Mac, the problem does not lie with Malwarebytes. The code signature is correct, and has been for some time. This is either an error in macOS or in LittleSnitch. Try restarting your system - which will clear the cache where macOS stores code signature data - to see if that fixes the problem.

Share this post


Link to post
Share on other sites

See my reply to your other posting on this subject.

Share this post


Link to post
Share on other sites
14 hours ago, hankering said:

Same problem, MWB 3.6.21; OSX 10.12.6.  Restarting did not fix it.

If restarting didn't fix the problem, you may actually have a damaged copy of Malwarebytes for Mac. Try downloading a fresh copy and reinstalling it:

https://malwarebytes.com/mac-download

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.