Code Signature Mismatch (Little Snitch)

[FrankMartin]

Little Snitch showed me this message today. Please advise. 

[alvarnell]

See the explanation here: 

 

[FrankMartin]

Thank you alvarnell!

[treed]

Frank,

There was a problem with the code signature that was fixed in Malwarebytes for Mac version 3.0.2. However, just in the last couple days, we've seen a handful of people with a similar problem. Can you verify if you're using version 3.0.1, or a newer version? If you're not sure, open the Malwarebytes app and choose About Malwarebytes from the Malwarebytes menu.

If you're using 3.0.2 or 3.0.3, please let me know if you're willing to provide some additional information. Thus far, we're seeing that the RTProtectionDaemon app on the affected systems is byte-for-byte identical to the official copies, and we haven't been able to reproduce the issue on any of our systems here.

[FrankMartin]

Let me know what you need. Happy to help.

[treed]

We haven't seen any other cases since that single short period last week, and only a handful then. We've been able to verify that the code signature of the RTProtectionDaemon on the affected machines is correct and valid. We're not sure exactly what happened, but I'm leaning towards thinking this was a temporary Little Snitch bug that has been fixed.

[perk]

I have this problem now on High Sierra, Little snitch version 4.04 and Malwarebytes 3.1.1..505. Started this morning.

[treed]

We've seen some cases where, following a Malwarebytes update from the older version that had the code signing issue, macOS does not refresh a kernel cache that can result in this problem. If you restart your computer, it should clear it up.

[FritzIII]

I also just encountered the same issue with version 3.1.1.505 and Little Snitch 4.0.4 on Sierra 10.12.6. I will try a restart.

[doncatstl]

in continuum, just experienced the same.  running sierra 10.13.1, malwarebytes 3.1.1.505, little snitch 4.05 (kernel 5116).  presented with the exception indicating code signature mismatch.  restarting without modifying any rules and issue appears to have gone away.  will monitor.

[geekiemac]

Hello, this issue is still happening. I had it with Little Snitch 4.05 and also now with Little Snitch 4.1.3 nightly (kernel 5180).

macOS 10.13.6 High Sierra

 

Edited July 14, 2018 by geekiemac

[treed]

On 7/14/2018 at 8:58 AM, geekiemac said:

Hello, this issue is still happening. I had it with Little Snitch 4.05 and also now with Little Snitch 4.1.3 nightly (kernel 5180).

macOS 10.13.6 High Sierra

At this point, if you're using the latest version of Malwarebytes for Mac, the problem does not lie with Malwarebytes. The code signature is correct, and has been for some time. This is either an error in macOS or in LittleSnitch. Try restarting your system - which will clear the cache where macOS stores code signature data - to see if that fixes the problem.

[hankering]

Same problem, MWB 3.6.21; OSX 10.12.6.  Restarting did not fix it.

[alvarnell]

See my reply to your other posting on this subject.

[treed]

14 hours ago, hankering said:

Same problem, MWB 3.6.21; OSX 10.12.6.  Restarting did not fix it.

If restarting didn't fix the problem, you may actually have a damaged copy of Malwarebytes for Mac. Try downloading a fresh copy and reinstalling it:

https://malwarebytes.com/mac-download