Update to MacOS X Detections

Himanshu Kathpal

Qualys MacOS X (Mojave, Catalina) detections have been updated to eliminate a set of false positive detections.

Previously, the detections used string matching against the “SecUpd and Security Update” string to identify installed security patches. This logic missed some installed patches resulting in false positives.

Qualys is changing the detection method use the build number to identify the patch status.

These changes will impact the following QIDs:

  • 372289
  • 372290
  • 372361
  • 372479
  • 373187
  • 373498
  • 374284
  • 374668
  • 374793
  • 375113
  • 375510
  • 375585
  • 375748
  • 375507
  • 375586
  • 375747

The QID modifications are live and were released to production in VULNSIGS-2.5.288-2 version on September 23, 2021.

Share your Comments

Comments

Your email address will not be published. Required fields are marked *