After the current update to Mac OS Sequoia 15.0.0, we have received numerous alerts stating the above “Suspicious Process - Unknown Binary Executing From com.apple Directory”. Is anyone else having this issue with their Mac devices in Rapid7 currently? It appears that all devices are using the “exe_path”: “/usr/libexec/xpcproxy”. Could anyone clarify a remediation for these alerts, as well as clarify whether the issue is on the Mac OS or Rapid7 side? Thanks.
Upgrade to 15.1 as 15.0.0 has some vulnerabilities?
My esteemed colleague found out it is connected to Spotlight search. Also, we have noticed issues with Spotlight search of already installed apps.
Furthermore, the AI feature is an issue (performance-wise on M1) (unrelated).