objective-see / BlockBlock

BlockBlock provides continual protection by monitoring persistence locations.
GNU General Public License v3.0

Flood of Kext Updates Today? Thursday, Jan 12th, 2023 ~10am Eastern #59

Closed Stickyhavr closed 6 months ago

Stickyhavr commented 1 year ago

Hello, two different machines today (one running Monterey 12.6.2 and the other still on Big Sur) experienced a flood of kext updates around the same time. BlockBlock popped up with dozens and dozens of alerts (literally the whole screen was full of BlockBlock windows until I cmd+tabbed back to my Zoom meeting). This all seemed to happen around 10am Eastern.

The popups were all com.apple.MobileSoftwareUpdate.UpdateBrainService installed a kernel extension:

com.apple.MobileSoftwareUpdate.UpdateBrainService (pid: 1110)
process path: /private/var/db/com.apple.xpc.roleaccountd.staging/com....Mac0S/com.apple.MobileSoftwareUpdate.UpdateBrainService
process args: none

startup file: /System/Library/AssetsV2/com_apple_MobileAsset_MacSoftw…Library/Templates/Data/Library/Extensions/SoftRAID.kext
startup object: unknown

That's just one example; each one was a different .kext. Did anyone else experience this? Both machines were on the same network, so I was concerned that maybe it was actually malware of some kind?

Thoughts? Advice? Anyone else? Thanks!

objective-see commented 1 year ago

This is fixed in v2.1.5: https://github.com/objective-see/BlockBlock/releases/tag/v2.1.5

I've also just updated the latest version #, server-side, so a "there is an update" alert should (shortly) be shown client side.