Gatekeeper and XProtect on Izzy Macs

Owned by Doug Heady (Unlicensed)
Last updated: Sept 07, 2022 by Ed Bobak
2 min read

Gatekeeper and XProtect software updates on Izzy supported Macintosh systems

Description

The Macintosh OS has two built in security systems to protect against malware and security vulnerabilities via third party software and plug-ins.

Gatekeeper maintains a Apple whitelist of applications that don't require a security prompt to run. The level of enforcement of this list can be controlled through the Security & Privacy preference pane in System Preferences. The options are "Allow apps downloaded from: Mac App Store, Mac App Store and identified developers, or Anywhere" to be launched.

XProtect, a basic File Quarantine system on Macintosh OS, is a anti-malware scanner that performs a quick check of downloaded files to make sure they do not contain known malware, and will block any versions of Web plug-ins like Java and Flash that have known vulnerabilities.

Apple updates these lists on a regular basis and most often in conjunction with a critical update to, for example, Java or Flash. Gatekeeper and XProtect definition lists are silent updates so that no User intervention is required for installation. This also means that if a system's software is not up to date a User may receive a pop-up message that Flash, Java Plug-in, or other software is out of date and needs to be updated.

How is this supported on a MiWorkspace Macintosh system

The Macintosh Engineering Team maintains a Apple Software Update repository, and controls the release of Apple Software Updates to Izzy managed systems. Gatekeeper and XProtect definition updates are maintained in this repository. This allows us to do quality control on these updates and also to coordinate the release of critical security updates (Java and Flash for example) with the corresponding updates of Gatekeeper and XProtect definitions.