PSA: Symantecs latest Update causes the UninstallerTool to be Flagged by macOS as Malware!

Valued Contributor



Right now this is occurring at the point of installation utilizing SEPS version 14.2_RU2 on Catalina Machines. (My Environment is Catalina Only, Haven't tested on older OS)

So test your deployment / symantec installations out to see if you get this.

It is flagged at a temporary location


You cannot get past the screen until you remove the UninstallerTool.

I believe we must update the package installer & update all current machines by March 30th.

No official documentation (as far as I know) from Symantec / Broadcom.

Matt on slack provided his workaround :


Looking for a Jamf Managed Service Provider? Look no further than Rocketman

Valued Contributor III

Following this... I have a lot of machines on 10.13.x and 10.14.x.

I hope that doesn’t affect older Symantec engines. The newest installer with 10.15 is an abject disaster. I’m able to get it installed and deployed, but it is a CPU hog worse than usual. Luckily Catalina isn’t going to get serious in my org until summer.

Valued Contributor II

We are seeing this in testing of the 14.2_RU2 client on 10.15.3. Broadcom has been completely useless on the support front, and a real fix for this doesn't look like it will be available until Q3. Time to look at other (non-KEXT/SEXT) having AV products methinks...

Honored Contributor II

@dgreening, keep an eye on Jamf Protect. While it's still very new, kextless is the direction Jamf is pursuing.

Valued Contributor

Looking for a Jamf Managed Service Provider? Look no further than Rocketman

Esteemed Contributor II

"Symantec will address this issue fully in 14.3.

By then everyone will have moved on to Crowdstrike. 😉