Many Mac users today found, to their surprise, they are unable to print to their HP Inc printers, nor use the Amazon Music desktop app.
It appears to be a code-signing snafu affecting macOS Catalina (version 10.15) and Mojave (10.14), specifically. HP’s printer driver software, and the Amazon app, are cryptographically signed with a certificate that macOS uses to determine the applications are legit and can be trusted.
However, it seems that certificate, or certificates, have been revoked, perhaps through an XProtect update. This is the mechanism Apple uses to inform Macs to no longer trust certain programs, such as ones that turn out to be malware or ones where the signing certificate is compromised or stolen.
There is no central database of revoked certs, there’s one for each OS version it seems, so it may be that Apple canned, accidentally or otherwise, the certificates in question for just Catalina and Mojave installations.
‘No questions asked’ Windows code cert slingers ‘fuel trade’ in digitally signed malware
In any case, HP’s driver software and Amazon’s app, at least, no longer work on those two operating system builds. Users are told when trying to print, for instance, that HP’s application “will damage your computer,” and are given the option to run it anyway or send it to the trash. Trying to continue just loops you back round to the error message, with no work done. Punters are also encouraged to report this “malware” to Apple.
Unofficial workarounds for now include using AirPrint to an HP printer, or uninstalling the HP software and using a generic PostScript driver.
A Reg reader who tipped us off about the blunder told us he was able to jerry rig some IPP connectivity to get an older device to print: “We had a handful of printers where macOS would print into the ether. Windows had no problem. I found some IPP trickery on macOS Catalina worked on an older HP4650.”
We had a handful of printers where macOS would print into the ether. Windows had no problem
“Trying to open Printer Utility on MacOS 10.15.7 and I get a crash dump every time saying ‘Code Signature Invalid’ for the binary /Library/Printers/hp/Utilities/HP Utility.app/Contents/MacOS/HP Utility,” said one netizen.
“Yes, my Deskjet F4140 abruptly stopped working with both my Mac mini desktop AND my partner’s AirBook,” complained another. “The AirBook keeps insisting it’s malware (it’s not), while my desktop says the certificate has expired. Suddenly, HP and Apple are NOT playing well together! I’ve redownloaded and reinstalled the printer software TWICE now but nothing has changed, just the same message about HP Utility now missing. Our jobs depend on this printer, HP.”
Thomas Reed, dDirector of Mac & Mobile at Malwarebytes, tweeted to say his users were up in arms at the tech breakdown: “We’re seeing a significant influx of support cases where users are seeing macOS identify what appear to be legit processes as malware.”
Mac blog Electric Light Company has some more background, here. “You’re seeing that [error] message because macOS is checking the signature on your HP printer software, and being told that its signing certificate has been revoked,” it observed.
Spokespeople for HP, Amazon, and Apple were not available for immediate comment. ®