
PSA: Symantec's latest Update causes the UninstallerTool to be Flagged by macOS as Malware!

  • March 12, 2020
  • 5 replies
  • 43 views

Hugonaut

Update: https://knowledge.broadcom.com/external/article/185809/

Right now this is occurring at the point of installation utilizing SEPS version 14.2_RU2 on Catalina Machines. (My Environment is Catalina Only, Haven't tested on older OS)

So test your deployment / Symantec installations out to see if you get this.

It is flagged at a temporary location

/private/tmp/PKInstallSandbox.0Ugi1z/Scripts/com.remote.deploy.uQRXrO/UninstallerTool

You cannot get past the screen until you remove the UninstallerTool.

I believe we must update the package installer & update all current machines by March 30th.

No official documentation (as far as I know) from Symantec / Broadcom.

Matt on Slack provided his workaround: https://macadmins.slack.com/archives/C09MMQVH6/p1583914412251600?thread_ts=1582931159.076000&cid=C09MMQVH6

5 replies

  • Honored Contributor
  • March 12, 2020

Following this... I have a lot of machines on 10.13.x and 10.14.x.

I hope that doesn’t affect older Symantec engines. The newest installer with 10.15 is an abject disaster. I’m able to get it installed and deployed, but it is a CPU hog worse than usual. Luckily Catalina isn’t going to get serious in my org until summer.


  • Honored Contributor
  • March 12, 2020

We are seeing this in testing of the 14.2_RU2 client on 10.15.3. Broadcom has been completely useless on the support front, and a real fix for this doesn't look like it will be available until Q3. Time to look at other (non-KEXT/SEXT) having AV products methinks...


talkingmoose
  • Community Manager
  • March 13, 2020

@dgreening, keep an eye on Jamf Protect. While it's still very new, kextless is the direction Jamf is pursuing.


Hugonaut
  • Author
  • Esteemed Contributor
  • March 13, 2020

donmontalvo
  • Hall of Fame
  • April 29, 2020

"Symantec will address this issue fully in 14.3."

By then everyone will have moved on to Crowdstrike. ;)