Help

Mcafee revoked app certificate?

Sonic84
Contributor III

Posted on ‎02-18-2013 05:51 PM

http://arstechnica.com/security/2013/02/a-world-of-hurt-after-mcafee-mistakenly-revokes-key-for-signing-mac-apps/

"A McAfee administrator accidentally revoked the digital key used to certify desktop applications that run on Apple's OS X platform, creating headaches for customers who want to install or upgrade Mac antivirus products."

At the moment I can no longer install McAfee Security 1.2 using their preferred install method. Casper reports a successful install, however examining install.log reveals the install aborted because a trust issue. The fix is to grab the most up-to-date installer.

0 Kudos
4 REPLIES 4

donmontalvo
Esteemed Contributor III

Posted on ‎02-19-2013 04:05 AM

This was in my inbox when I woke up:

https://kc.mcafee.com/corporate/index?page=content&id=KB77390

Solution McAfee has resolved the issue and reposted all affected products to the download sites. You can download these with your grant number in the normal way.
--
https://donmontalvo.com
0 Kudos

dpertschi
Valued Contributor

Posted on ‎02-19-2013 04:58 AM

Getting the new package would be best, for me it was easier/faster to use Greg's package fixer...

https://managingosx.wordpress.com/2012/03/24/fixing-packages-with-expired-signatures/

0 Kudos

donmontalvo
Esteemed Contributor III

Posted on ‎02-19-2013 05:47 AM

@Sinic84 wrote:

Casper reports a successful install, however examining install.log reveals the install aborted because a trust issue.

I meant to ask, what are you deploying? Did you pull McAfee's PKG and deploy it, or was it a Composer snapshot, or did you wrap it to include pre/post-installation scripts? I was wondering since Casper didn't appear to flag the install as failed?

Thanks,
Don

--
https://donmontalvo.com
0 Kudos

Sonic84
Contributor III

Posted on ‎02-19-2013 07:35 AM

I've got install.sh (CMA/ePO components) and the virusscan package in one composer package. Each is executed in the postinstall script. It seems when "trustLevel=1" installd doesn't throw an error. I think Office 2011 SP1 does this too..... 

Feb 19 07:15:13 atosmbp15M6 installd[740]: ./postinstall: /dev/disk1                                            /Volumes/MFECMA
Feb 19 07:15:14 atosmbp15M6 installer[4802]: Product archive /Volumes/MFECMA/cma.pkg trustLevel=1
Feb 19 07:15:14 atosmbp15M6 installd[740]: ./postinstall: installer: Package name is McAfee Agent
Feb 19 07:15:14 atosmbp15M6 installd[740]: ./postinstall: installer: Certificate used to sign package is not trusted. Use -allowUntrusted to override.
Feb 19 07:15:19 atosmbp15M6 installd[740]: ./postinstall: "disk1" unmounted.
Feb 19 07:15:19 atosmbp15M6 installd[740]: ./postinstall: "disk1" ejected.
Feb 19 07:15:19 atosmbp15M6 installd[740]: ./postinstall: Installation will continue since MA 4.6.0 Patch3 is not already installed
0 Kudos