Apple has pushed updates to XProtect and XProtect Remediator

Apple has just pushed its regular fortnightly update to XProtect Remediator security software for Macs running Catalina or later, bringing it to version 84. Accompanying it is an update to XProtect’s data, bringing them to version 2165 (Apple doesn’t appear to have released 2164).

Apple doesn’t release information about what security issues these updates might add or change, and this update doesn’t add any further scanning modules to XProtect Remediator. In XProtect’s Yara definitions, it adds a new detection for MACOS.da36796, whose true identity may be discovered shortly.

You can check whether these updates have been installed by opening System Information via About This Mac, and selecting the Installations item under Software.

A full listing of security data file versions is given by SilentKnight, LockRattler and SystHist for El Capitan to Ventura available from their product page. If your Mac hasn’t yet installed these updates, you can force them using SilentKnight, LockRattler, or at the command line.

Although my Content Caching server itself had no problems installing these updates, it has persistently refused to serve them to local clients, so I have once again had to disable the Content Caching server to perform the updates. Sigh.

If you want to install these as named updates in SilentKnight, their labels are

I have updated the reference pages here which are accessed directly from LockRattler 4.2 and later using its Check blog button.

I maintain lists of the current versions of security data files for Ventura on this page, Monterey on this page, Big Sur on this page, Catalina on this page, Mojave on this page, High Sierra on this page, Sierra on this page, and El Capitan on this page.