Last summer, a piece of malware called Weknow.ac started making the rounds, usually disguised by a phony Adobe Flash Player installer. Earlier this month, a security vulnerability in recent generations of Intel processors was discovered. Here’s an overview and repair brief for each.

Weknow.ac Malware

In the last several years, a lot of malware has been installed by fooling the user into updating Adobe Flash Player. Adobe smartly offers automatic updates and Flash will reach end of life by the end of 2020, but not everyone knows.

Weknow.ac installs in a number of places on a Mac including phony applications, various Library folders, browser extensions, and even system profiles, not to mention all the changes to browser search and homepage preferences.

If you start seeing various ads on the screen or notice that your browser homepage or search engine changed, you probably have some kind of malware.

Removing Weknow.ac

Weknow.ac is the most difficult to manually remove among malware I’ve seen on the Mac and even Malwarebytes doesn’t fully resolve this one on its own. However, I would start with Malwarebytes and additionally follow the company’s removal guide.

Also, this guide from macReports provides special instructions for removing Weknow from Chrome (see step 5). Feel free to call me for support on any of the above.

Zombies Afoot

This article provides a full account of ZombieLoad, a recently discovered vulnerability that can affect nearly any computer with an Intel processor from 2011–2018. A hacker would be able to see anything stored in memory, including currently running applications, passwords, and more.

If your Mac is running macOS Mojave, make sure to update to 10.14.5, released last week. If you’re on Sierra or High Sierra, install the latest security update. If you habitually run updates as they’re offered, you may have done so already. These updates include a firmware update that patches this security issue.

The only other concern is about non-Apple web browsers like Chrome and Firefox. Updates for these browsers are coming within two weeks to protect them from the security risk. Read to the last section of the linked article to decide whether you think you’re at risk and want to consider switching to Safari or enabling the “full mitigation procedure.”

I’m happy to help anyone who wants to switch browsers, go full monty, or take another approach to feel safe from ZombieLoad. And again, give me a call if you want assistance removing malware or learning to discern good from evil in this crazy online landscape.