Contents

Checks: Keep Firefox up-to-Date, Ventura Support, and Better Stats!

November 1st, 2022

Continuing our recent string of exciting updates to Checks system in Kolide (like our new Custom Check editor), we are pleased to announce a number of new Checks and improvements.

New Check: Require Firefox is up-to-date

As part of our Evergreen Vulnerability Management strategy, Kolide recently released the Require Firefox is Up-To-Date Check, which helps your staff keep Firefox updated on Mac, Windows, and Linux devices.

Kolide’s New Check “Require Firefox is up-to-date” will fail if Firefox is 7 or more days out-of-date and actively running.

This check works much like its Google Chrome counterpart. First, Kolide regularly polls Mozilla’s update servers to retrieve the latest released version number for each distribution channel. From there, it inserts the version numbers into the query that gets sent to the device dynamically. Finally, false positives are avoided by only producing a Kolide Issue if Firefox is actively running on the device.

macOS Ventura Support

Last week, Apple Released macOS Ventura. In our blog post, The Security and IT Admin’s Guide to macOS Ventura, we discussed how this update features an entirely all-new System Settings app (replacing System Preferences).

Starting in macOS 13 (Ventura) the old System Preferences app (left) has been replaced with the new System Settings App (right)

To support this change, we’ve updated all of our macOS Checks to dynamically supply fix instructions which direct users to the correct app (System Preferences or System Settings) and the corresponding Preference Pane, depending on which version of macOS they are currently using.

Improved Check Stats

Previously, Kolide considered devices that had not yet run a Check as “Passing.” To address this potential ambiguity, we have added a new status called “Pending.” You can now see how many devices are still waiting to return results for a Check; this is particularly helpful when you’ve recently enabled a new Check, and want to monitor its progress.

A screenshot of the new Check Pass/Fail report which now differentiates “Passing” devices from those that have not yet run the check (“Pending”)

New Check: Prohibit iCloud Private Relay

With the increased usage of iCloud Private Relay, we’ve had several requests from customers to introduce a Check that allows organizations to suggest that it be turned off. If you’d like to know more about iCloud Private Relay and the situations in which it may be a good idea to turn it off, we’ve also released an accompanying explainer article which covers all the details.

Our new article on iCloud Private Relay covers some of the issues users may encounter when they turn it on in macOS Ventura.

New Check: Prohibit “Unlock with Apple Watch”

macOS 10.13 and higher support an auto-unlock feature called “Unlock Mac with Apple Watch”. This capability allows a user who has a paired Apple Watch to automatically login to their device when they wake it from sleep without going through a password prompt/authentication.

Some organizations worry this in effect reduces the security of a Mac whose paired watch has been stolen to a 4-digit PIN, and can result in unauthenticated access in situations where an individual is near their device (eg. a bathroom) and someone wakes it from sleep.

On macOS Ventura, the “Unlock Mac with Apple Watch” setting was moved to the “Touch ID & Password” section of the System Settings app.

For organizations that want to encourage users to turn off this feature, we’ve created a new Check to do just that.

Believe it or not, we still have more exciting updates and improvements in store for the Kolide Checks feature before the end of the year! If you haven’t already, sign up for our newsletter so you don’t miss them.