Check your extensions with KextViewr

Kernel extensions, or KEXTs, are serious, low-down software components which are essential parts of OS X. They are also high on the list of points of attack for malware: sneak a malicious KEXT onto someone’s Mac, and there is very little that you cannot do to or with it.

Even disregarding their security implications, KEXTs are so low-down that, if they suffer from significant bugs, they can readily cause a kernel panic, or even freeze your Mac without so much as a parting whimper.

Browse their folders – in /System/Library/Extensions and /Library/Extensions – and you will see a long list with impressive-looking names, and presume that they are all part of OS X. Except that some are not, but have been installed by third-party products. Knowing which is good and which might be bad has not been easy, and most users just shy away from them.

kextviewr1Objective-See’s new KextViewr tool changes this. As with Patrick Wardle’s other free security tools for OS X, it shows you what is there, provides its VirusTotal ‘threat’ score, details its code signature and authority, and so on.

kextviewr2KextViewr is free, runs happily under El Capitan and earlier, is easy to use, and is an excellent tool for checking out the KEXTs installed on any Mac. It is hardly the sort of thing that you run daily, but valuable reassurance during a monthly housekeeping routine, or when you are unsure whether something nasty might have got onto your Mac.

Every Mac user should use it.