On 14 September 2021, Malwarebytes Incident Response was updated to use the latest Malwarebytes scanning and remediation technology included in our Malwarebytes Endpoint Protection product. Below are additional details related to this specific update.
Apple M1 Native support
To improve performance and reliability on M1 based Mac devices running on macOS Big Sur, we are releasing universal binary packages version 1.7.x which runs natively on Intel and M1 based Mac devices. Once updated, the Rosetta 2 translation will no longer be required to use our products on M1 based Mac devices.
Full Disk Access
We strongly recommend enabling Full Disk Access for Malwarebytes components as this allows for full scanning and remediation services on your macOS. You can identify these by looking for a notification in the Nebula and OneView consoles for macOS endpoints that do not currently have Full Disk Access. For more details on enabling Full Disk Access, see the following articles:
- Mac endpoint missing Full Disk Access in Malwarebytes Nebula
- Grant Malwarebytes Endpoint Agent Full Disk Access for Mac endpoints using UAMDM
Impact to Quarantine
To facilitate this technology update for Mac devices running Malwarebytes Incident Response, items in the quarantine will be removed during the update process. If you have anything in quarantine that should be restored, we recommend you restore it as soon as possible. Detection and Scan History reports will not be impacted by this.
Nebula and OneView user interface updates
Once this updated version is installed, Nebula and OneView consoles display macOS endpoints that were running Malwarebytes Incident Response now have an Endpoint Protection version. This is by design as the technology is used by both Nebula and OneView.
Endpoint level changes
Malwarebytes Incident Response for macOS has transitioned to using the technology included in Malwarebytes Endpoint Protection but with Real-Time Protection and App block disabled. With this update, the following daemons are added to each device:
- com.malwarebytes.ncep.settings.daemon
- com.malwarebytes.ncep.rtprotection.daemon