Home > Mac administration, macOS, Scripting > Additional Zoom remediation from Apple via MRT

Additional Zoom remediation from Apple via MRT

Apple had released an MRT update on July 12th to cover the vulnerabilities disclosed for Zoom and RingCentral , but then additional Zoom variants popped up on the radar.

To fix all of the variants, Apple has released another MRT (Malware Removal Tool) update today. This fixes the vulnerabilities found in Zoom and its various white label versions which Zoom developed for third parties:

This MRT update has the following version number:

1.46.1.1563225526

The installer package receipt associated with it is the following:

com.apple.pkg.MRTConfigData_10_14.16U4075

To verify that you have this installed, here’s a one-line command to check for the latest installed MRT installer package:

To verify that com.apple.pkg.MRTConfigData_10_14.16U4075 does install 1.46.1.1563225526, here’s a one-line command to get the version number from the latest installed MRT installer package receipt:

To assist with getting information like this for Gatekeeper, MRT and XProtect, I’ve written a script that pulls the following information for each:

  • Version number
  • Installation date
  • Installer package receipt identifier

For more information, please see below the jump.

As of Tuesday, July 16 2019, the script below is producing the following output for my Mac running macOS 10.14.5 with the latest MRT update installed:

  1. Don
    July 16, 2019 at 9:26 pm

    Is there a way to force the Mac to check in with Apple to get the updated MRT?
    I have several Mac’s online, rebooted several times and they are still below ver 1.45

  2. Peter Trondsen
    July 19, 2019 at 3:08 am

    Looks like Apple pushed another update, the latest is 1.47.1.1563383512
    @ Don, check for software updates first

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: