Jump to content
basezen

Cannot "Allow" MalwareBytes system extension with 10.13 (High Sierra)

Recommended Posts

After an other success install of the latest MalwareBytes 3.x on Mac OS High Sierra (latest updates, 10.13), I am instructed to click "Allow" in Settings -> Privacy & Security -> General tab.

On that screen it says (roughly) "Malwarebytes System Extension has been blocked. Click Allow" and I do, but that does absolutely nothing. I checked the underlying kernel extension database and indeed the com.malwarebytes.rtprotection kernel extension remains blocked

 sqlite3 /private/var/db/SystemPolicyConfiguration/KextPolicy '.dump kext_policy'

CREATE TABLE kext_policy ( team_id TEXT, bundle_id TEXT, allowed BOOLEAN, developer_name TEXT, …);

 

The 3rd field in that table shows as 0 (blocked) for MalwareBytes while 1 (allowed) for all the other extensions already installed.

Rebooting does not solve it. Otherwise MWB can run a manual scan.

syslog shows no error messages relating to this.

There's a lot of (highly charged) discussion about this, e.g.: https://forums.developer.apple.com/thread/79172 but nothing to resolve this particular issue. What to do?

Share this post


Link to post
Share on other sites

Never mind, this is redundant:

 

I do a lot of remote support for my clients! Why this is so hard to find I don't know.

Share this post


Link to post
Share on other sites

I'm glad you found that answer!

Just for anyone else reading who doesn't want to chase it down, you'll be unable to allow a kernel extension remotely via screen sharing. Apple imposes that restriction for security reasons, but unfortunately, this means that remote deployment of kernel extensions without requiring a "touch" from the user has gotten hard. Enrolling Macs in DEP and installing MDM software will smooth the ride.

Share this post


Link to post
Share on other sites

FYI to everyone reading this post.  I disconnected my TeamViewer session and had the client click on Allow.  Then took another remote session.  The installer completed and the Security setting was allowed.  Then I restarted.  The iMac no longer starts up. 

Even if it is Apple's fault.  The computer was not having problems prior to me installing Malwarebytes.  This is terrible behavior for Malwarebytes and makes me look horrible.  

This client is also a friend and she is 265 miles from my office.  So I either have to walk her ( she's 80 years of age ) through booting the iMac into Recovery mode and restoring her computer from her Time Machine backup, or I have to drive up there to fix this.  This is the last time I install Malwarebytes remotely.  

Really disappointed.  

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.