Posted on 02-08-2018 06:13 AM
Has anyone found a fix for the Bit9 (Carbon Black Protect) or Carbon Black Response kernel panic? This was caused by having CB installed and installing the Security Update 2018-001.
Posted on 02-08-2018 06:30 AM
Please upgrade your Carbon Black sensor to the latest version 6.1.3.80124. This version seems to be stable even on 10.13.4 Beta. I've tested the agent on 10.11.6, 10.12.6, 10.13.3 and 10.13.4 (Beta) with all the Apple Security updates installed. Older agents must be removed first before proceeding with the new installation.
Carbon Black has a built-in removal uninstaller script:
/Applications/CarbonBlack/sensoruninst.sh
Posted on 02-08-2018 06:30 AM
@bbracey In our initial testing, CB version 6.1.3 resolves this. However, any prior version of CB on the device has to be removed before 6.1.3 is installed. If you do an upgrade in place to this newer version, CB will still cause kernel panics with 2018-001.
Workflow:
Single policy removes CB version *old and then installs 6.1.3.
Once 6.1.3 is installed the devices fall into a smart group looking for that version.
Security 2018-001 is scoped against that smart group so it installs once 6.1.3 is in place.
Posted on 02-08-2018 06:32 AM
You have to either remove the CB Sensor in safe mode, or install a version compatible with the Security Update. If you have a machine experiencing the issue, boot to safe mode, then run the uninstaller.
I got in touch with one of our security guys and they passed along a version of Carbon Black that was compatible, a recent release. We've not rolled it out yet but I put it on a test machine with 10.13.1 and was successfully able to upgrade to 10.13.3 with no issues.
Hope that helps.
Posted on 02-08-2018 06:37 AM
There's a new version of CB/Bit9 and to remediate via deleting the b9kernel.kext
See this discussion too
Posted on 02-08-2018 06:47 AM
The above worked well for us. Just don't forget quotes around cd Step 5, otherwise it will not work as is.
Posted on 02-09-2018 04:39 AM
InfoSec leaders often mandate the use of 3rd party security agents on macOS.
It is important to regularly audit the effectiveness of each security agent.
In other words, ask the team(s) responsible for each security agent to provide a monthly report for Mac systems.
What has the security agent caught or prevented? This info can help build a valid argument against using multiple 3rd party security agents.
Eric
Posted on 02-09-2018 06:15 AM
Had this same issue. Uninstalling worked well. Easy enough to roll out again once it is fixed up.