After upgrading to macOS 13 Ventura, the Malwarebytes Endpoint agent reports Full Disk Access (FDA) is required even if permission is already granted. This article explains how to resolve this issue.
NOTICE - This issue does not affect endpoints if you've deployed a profile to enforce Full Disk Access using a Mobile Device Management tool.
Symptoms
Real-Time protection and suspicious activity monitoring are turned off on the endpoint and a prompt is requesting full disk access permission.
Cause
macOS 13 Ventura has a known issue (100857507) where Endpoint Security extensions might lose Full Disk Access authorization, with impact to their normal function. For more information, see macOS Ventura 13.1 Beta Release Notes.
Workaround
- Open the System Settings.
- Click on Privacy & Security > Full Disk Access.
- Click on Malwarebytes Protection to select it.
- Click the minus (-) button at the bottom of the list to remove the item. If prompted to enter your system password to modify settings, enter your password and click Modify Settings.
- Click on Malwarebytes Endpoint Agent to select it.
- Click the minus (-) button at the bottom of the list to remove the item. If prompted to enter your system password to modify settings, enter your password and click Modify Settings.
- Reboot the Mac device.
- The Malwarebytes Requires Full Disk Access window displays.
- Click Open preferences.
- The System Settings > Privacy & Security > Full Disk Access window opens.
- Toggle on Full Disk Access for Malwarebytes Protection and Malwarebytes Endpoint Agent in the list.