Apple Outlines Steps for Developers to Validate Xcode Following Malware Attack
Following last week's disclosure of new iOS malware called XcodeGhost, which arose from malicious versions of Xcode hosted on third-party servers, Apple has outlined instructions for developers to ensure the version of Xcode they are using is valid.
When downloading Xcode from the Mac App Store, or Apple's website so long as Gatekeeper is enabled, OS X automatically checks the app's code signature and validates it against Apple's code. If you must obtain Xcode elsewhere, follow these steps:
To verify the identity of your copy of Xcode run the following command in Terminal on a system with Gatekeeper enabled:
spctl --assess --verbose /Applications/Xcode.app
where /Applications/ is the directory where Xcode is installed. This tool performs the same checks that Gatekeeper uses to validate the code signatures of applications. The tool can take up to several minutes to complete the assessment for Xcode.
The tool should return the following result for a version of Xcode downloaded from the Mac App Store:
/Applications/Xcode.app: accepted
source=Mac App Store
and for a version downloaded from the Apple Developer web site, the result should read either
/Applications/Xcode.app: accepted
source=Apple
or
/Applications/Xcode.app: accepted
source=Apple System
Any result other than ‘accepted’ or any source other than ‘Mac App Store’, ‘Apple System’ or ‘Apple’ indicates that the application signature is not valid for Xcode. You should download a clean copy of Xcode and recompile your apps before submitting them for review.
Apple issued a statement in response to XcodeGhost over the weekend, noting that it has removed all infected apps it is aware of from the App Store and is working with developers to ensure they are using a legitimate version of Xcode.
"We’ve removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps."
XcodeGhost affected dozens, and possibly hundreds, of App Store apps. iPhone, iPad and iPod touch users should read what you need to know about XcodeGhost to learn more about the malware and how to keep yourself protected.
Popular Stories
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch until September, there are already plenty of rumors about the devices.
iPhone 17 Pro concept based on rumors
Below, we recap key changes rumored for the iPhone 17 Pro models as of January 2025:
More aluminum: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro models ...
Apple regularly releases new firmware for the AirPods, AirPods Pro, and AirPods Max, but the company has historically provided limited information on how to initiate an update. That changed today, and Apple updated its AirPods firmware support page with more specific instructions.
Prior to today, here's what Apple said on the subject:
Firmware updates are delivered automatically while your...
Apple today released tvOS 18.3, the newest version of the tvOS 18 operating system that came out in September. tvOS 18.3 comes more than a month after Apple released tvOS 18.2, and it is available for the Apple TV 4K and the Apple TV HD models.
tvOS 18.3 can be downloaded using the Settings app on the Apple TV. Open up Settings and go to System > Software Update to get the new software....
Apple in October 2024 overhauled its 14-inch and 16-inch MacBook Pro models, adding M4, M4 Pro, and M4 Max chips, Thunderbolt 5 ports on higher-end models, display changes, and more. That's quite a lot of updates in one go, but if you think this means a further major refresh for the MacBook Pro is now several years away, think again.
Bloomberg's Mark Gurman has said he expects only a small...
Today we're tracking a few iPad discounts on Amazon, including the new iPad mini 7, M2 iPad Air, and M4 iPad Pro. These deals include multiple all-time low prices on Apple's tablets, matching the prices we tracked over the holiday season in many cases.
Note: MacRumors is an affiliate partner with Amazon. When you click a link and make a purchase, we may receive a small payment, which helps us...
This year, Apple is expected to discontinue the iPhone "Plus" device in its iPhone 17 lineup to make way for an iPhone "Air," so-called because of its thin profile.
Below is a compilation of every rumor and leak we have registered from reputable sources thus far about Apple's new entry in its flagship smartphone lineup.
iPhone 17 "Air"?
About the Name
There has been some uncertainty...
The upcoming iPhone SE 4 will feature a notch instead of the Dynamic Island, respected display analyst Ross Young said today. The device will have a "notch like the iPhone 14," according to Young, which contradicts a recent leak that depicted a Dynamic Island.
Earlier this month, leaker Evan Blass shared images said to feature the iPhone SE 4's design, but those images featured an iPhone...
