Critical Security Issue on MacOS still exists

Beeree
Beeree Posts: 4 Observer
in Device Protection

Dear F-Secure,

One year before I reported a security issue which still exists in the newest versions on MacOS.

The fact is that F-Secure does not scan files that are synced with my Sync-Tool (a tool similar to Dropbox). What I am asking for is analysing the situation from F-Secures viewpoint and not fingerpointing to the sync software vendor. In my point of view it doesn't really matter if the vendor is following MacOS rules or not (which might other software and especially malware not as well). What matters is that a security software like F-Secure is not scanning the files like it should and misses malware completely when coming to the Mac in such way. Whether being it the real-time scanner nor manual scan catches the files synced with the software (tested with Eicar). Only a scan via cli (fsav) would hit it. Could you please review this security flaw again, please?

https://community.f-secure.com/en/discussion/129088/critical-f-secure-is-not-scanning-all-files-on-macos
Like Awesome

Answers

  • Chameni
    Chameni Posts: 265 Moderator

    Hi @Beeree,

    Thanks for the detailed report and for testing this so thoroughly. We understand your point: from a user’s perspective, it should not matter how a file arrives on the system, if it’s present on disk, security software should be able to detect it. Your testing and the comparison between real-time, manual scans, and fsav are noted and appreciated.

    Your report will be re-shared with our macOS product team so they can reassess this behaviour and evaluate whether additional mitigations or clearer documentation are needed.

    Thank you for raising this again and for your persistence. Feedback like this is valuable and helps us improve how we protect users on macOS.

    Like Awesome

Categories