Open phirk opened 1 year ago
Should have occurred to me before, but I removed all existing code from function limera1n_exploit
in file limera1n.c
and replaced it by simply return 0;
(since I'm not interested in using the limera1n exploit anyway).
Now Microsoft Defender no longer deletes the executable.
Yesterday (August 9, 2023) Microsoft updated its definition for MacOS/LimeRain.D!MTB; Microsoft Defender now detects this exploit in
idevicerestore
and immediately deletes the executable...What can we do about this? (If anything?)
(I work on a managed Mac provided by my company; Defender is installed by default and I cannot modify its settings)