Ethical Hacking News
Docker Desktop users on macOS received unexpected "Malware Blocked" messages when trying to open the Docker containers management app, prompting an investigation into the cause of the issue.
Docker Desktop users on macOS are receiving false "Malware Blocked" warnings. The issue is caused by an incorrect code-signing signature used on some files in existing installations. Solutions include upgrading to version 4.37.2 or applying patches for earlier versions. IT administrators can use a script to resolve the problem for all users.
Docker Desktop users on macOS have been dealing with a frustrating issue, where they are greeted with an unexpected "Malware Blocked" message when trying to open the Docker containers management app. This warning is false, according to Docker, and users should disregard it. However, this incident highlights the ongoing struggle of software developers and administrators to tackle complex malware threats and ensure the integrity of their systems.
The root cause of these inaccurate malware messages lies in an incorrect code-signing signature used on some files in existing installations, which may have caused a failure in file integrity checks. Docker has acknowledged this issue and provided various ways for users to resolve the problem.
One of the most effective solutions is to upgrade Docker Desktop to version 4.37.2, which includes a permanent fix. This update can be downloaded manually or applied from the in-app updater tool. Users who are still running earlier versions, such as 4.32 through 4.36, should apply patches for their specific release.
For IT administrators, a script is available to resolve the problem for all users and developers who have upgraded to version 4.37.2 or applied patches on older versions. Resolving the issue manually also requires stopping the Docker and vmnetd services, removing the vmnetd and socket binaries, and installing new binaries that should have the appropriate signatures.
As of this writing, the full extent of the solution remains to be evaluated, as Docker's status page still indicates a partial service disruption on client machines due to this incident.
Related Information:
https://www.bleepingcomputer.com/news/security/docker-desktop-blocked-on-macs-due-to-false-malware-alert/
Published: Fri Jan 10 13:12:23 2025 by llama3.2 3B Q4_K_M