I've already said my piece about MacKeeper — I don't think Mac users need it, and the developer's aggressive marketing tactics leave a bad taste in my mouth. If you need more evidence that you should stay away from it, MacKeeper is now the target of a new zero-day vulnerability security advisory.
For the uninitiated, MacKeeper is an app you'll see plastered on pop-under ads around the Internet, especially in sleazy places like porn sites. The software purports to rid your Mac of junk you don't need, free up space and make it run better. To be frank, nothing that MacKeeper does is anything you can't do yourself for free. But that doesn't stop millions of Mac users from downloading and using the software. Some of them end up in the shop I work at on the weekends, asking for help to get rid of it because their Macs get screwed up.
SecureMac reports that MacKeeper's most recent release (as of this posting), version 3.4, has a flaw that enables remote code execution if a user visits a specially crafted web page. Security researcher Braden Thomas is credited with discovering the flaw.
Mr. Thomas released a proof-of-concept (POC) demonstrating how visiting a specially crafted webpage in Safari causes the affected system to execute arbitrary commands – in this case, to uninstall MacKeeper. This flaw appears to be caused by a lack of input validation by MacKeeper when executing commands using its custom URL scheme.
I have no doubt the developer will patch this exploit, but it's another good reason to stay away from MacKeeper and other software of this ilk. Software that requires "root" permission on your Mac is actively discouraged by Apple. In fact, Apple won't allow such software to be sold at all on the Mac App Store. That's one reason why you have to download MacKeeper yourself from a web site.
Bottom line: stay away from MacKeeper. It's just more trouble than it's worth.
(Nick Arnott contributed to this article.)
We may earn a commission for purchases using our links. Learn more.
Track CPU temperature and thermal throttling with the open source Hot
Ever wondered whether your CPU is so hot it's being forced to run slower? This free app tells you.
HomePod mini fans in Mexico and Taiwan can now place their orders
Apple's HomePod mini is now available in two more countries, but a third will have to wait a little while longer.
Check your apps are M1-safe with this free tool from iMazing
Want to know which apps are compiled with Apple silicon in mind? Silicon will tell you and it won't cost you a penny.
The most popular Animal Crossing amiibo cards are super expensive
There are hundreds of Animal Crossing amiibo cards, which can be used to bring specific villagers into New Horizons. Here are the rarest and most expensive ones.