Docker is warning that Docker Desktop will not be beginning on macOS on account of malware warnings after some recordsdata had been signed with an incorrect code-signing certificates.
The primary reviews of the malware alerts surfaced on January 7, 2025, when macOS customers obtained an surprising ‘Malware Blocked’ message stopping them from opening the Docker containers administration app.
“Malware Blocked. “com.docker.vmnetd” was not opened as a result of it comprises malware. This motion didn’t hurt your Mac,” reads the alert on Macs.

Supply: GitHub
The seller clarified that the warnings are false and customers ought to disregard them. Nonetheless, guide motion must be taken to resolve the operational issues, which, as of writing, stay ongoing.
“We need to inform you a few new subject affecting Docker Desktop for some macOS customers. This causes Docker Desktop to not begin,” defined Docker in a GitHub subject.
“Some customers can also have obtained malware warnings. These warnings are inaccurate.”
The basis trigger of those inaccurate malware messages is an incorrect code-signing signature used on some recordsdata in current installations, possible inflicting a failure in file integrity checks.

Supply: Docker
The way to repair
As Docker remains to be investigating the incident, it has offered the next methods to resolve the malware warning issues:
Improve Docker Desktop to model 4.37.2, which features a everlasting repair. The replace could be downloaded manually or utilized from the in-app updater device.
Apply patches for older variations, 4.32 by 4.36, by selecting the proper launch from right here. Docker variations 4.28 and earlier will not be impacted by this drawback.
Comply with the decision steps offered on this information if the malware warnings nonetheless pop up after updating/patching.
IT directors can use this script to resolve the issue for all customers/builders, offered that Docker Desktop has been upgraded to model 4.37.2 or patches have been utilized on older variations.
Manually fixing the issue can be attainable for directors. This requires stopping Docker, vmetd, and the socket providers, eradicating the vmnetd and socket binary, and putting in new binaries that ought to have the suitable signatures. Lastly, restart the Docker Desktop app.
For full particulars on the out there options and their software, Docker has printed a doc right here.
As of writing, Docker’s standing web page nonetheless signifies a partial service disruption on consumer machines on account of this subject, and the effectiveness of the launched patches is at present being evaluated.