Posted on 07-01-2019 06:06 AM
Does anyone have any ideas about how to block users from trying to install these. I'd be keen to block even genuine flash player as its not really needed anymore. I'm thinking the best way may be just supplying the genuine one through self service and advising people this is the only source of truth. But people forget and still try these malware installers..
Posted on 07-02-2019 09:39 PM
We've currently set our config profile to set Gatekeeper to only allow apps from the App Store, and disallow bypassing (we also disable access to the Security panel in System Preferences) - until a better solution comes along.
2 developer identifiers have been announced for this new malware, but I haven't seen a way to be able to blacklist based on ID. You could set up a restricted application profile, but it only stops it after it's run, which may be too late?