[ad_1]
On Monday night, Variety reported that movie publishers around Los Angeles who had installed the Avid Media Composer software had suddenly found that their Macs were not able to reboot. The publication speculated that the malware may be the cause. On Wednesday, Google revealed the real cause: an update to the Chrome browser.
Specifically, it was a new version of Chrome's Keystone update program that prevented many Macs from shutting down again, according to this release of Chrome's open bug. When the update was installed on Mac computers that disabled a security feature called System Integrity Prevention and fulfilled several other conditions, a crucial part of the Mac system file was corrupted, an employee said. from Google on the forum.
"That seems like a problem with a new version of Google Keystone," wrote another Google employee earlier in the discussion. "We have stopped the deployment and are currently working on the refurbishment."
When your Mac undergoes a "varsectomy"
SIP, as the protection of system integrity is generally abbreviated, was introduced in 2015 in the El Capitan version of macOS (called OS X at the time). As its name indicates, SIP is designed to protect the integrity of the operating system, including by preventing the deletion or modification of certain files and folders, except through specific authorized processes.
It seems that a bug in the Chrome update has inadvertently attempted to modify some parts of the macOS file system. When SIP was enabled – as it is by default – SIP worked as expected and prevented the change. When protection has been disabled, however, the file system has been changed to prevent restart of Macs. Specifically, according to the Chrome bug thread, the buggy Chrome update removed a crucial symlink to the / var folder.
"This results in a system instability that may include the inability to launch new user interface applications, to resolve host names in most programs running. and not to restart properly, "said one of Google's employees.
The specific requirements for the Chrome update to make this change are as follows:
- SIP must be disabled (or not present, as it is before OS X 10.11)
- The root directory, /, must be writable to the logged-on user.
- A version of Keystone containing bug 1.2.13.75 must be installed.
- Keystone needs to update a product it oversees.
The reason that many users of the Avid Media Composer program have been affected, pointed out Mr. Macintosh, Mac's company blog, is that some users of the movie editing software need to disable SIP while on the screen. use of third-party graphics cards. The publication nicknamed the virus / var-killing "varsectomy".
Google has instructions to restore untraceable Macs here. The process involves starting in recovery mode and then opening a terminal window, which is accessible among others from the Utilities folder. From there, run the following commands:
chroot / Volumes / Macintosh HD # "Macintosh HD" is the default rm -rf /Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle mv var var_back # var may not exist, but it is fine ln -sh private / var var chflags -h restricted / var chflags -h hidden / var xattr -sw com.apple.rootless "" / var
Then restart.
If all goes well, the Mac will restart with the Chrome buggy update that is no longer installed and with the damaged file system repaired. It was not immediately clear when a corrected version of the Chrome update will be available.
[ad_2]
Source link