Skip to content
daniel@cosenza:~/blog
macOSFix March 24, 2026 2 min read

Fixing 'App Is Damaged and Can't Be Opened' on macOS

The app isn't actually damaged in most cases — this is Gatekeeper's quarantine flag reacting to how the file was downloaded, and there's a legitimate, safe way to override it for software you trust.

“App is damaged and can’t be opened, you should move it to the Trash” is one of macOS’s most misleading error messages — in the overwhelming majority of cases, the app isn’t damaged at all. This is Gatekeeper and code signing reacting to an unsigned or ad-hoc-signed app that was downloaded through a path that added a quarantine flag.

Step 1: understand what’s actually happening

xattr -l /Applications/SomeApp.app

Look for com.apple.quarantine in the output — this attribute gets added automatically to files downloaded via a browser, and is what triggers Gatekeeper’s stricter scrutiny of the app when you first try to open it.

Step 2: check whether the app is actually properly signed and notarized

codesign -dv --verbose=4 /Applications/SomeApp.app
spctl -a -vv /Applications/SomeApp.app

spctl’s output distinguishes a genuinely corrupted or tampered app (a real problem) from one that’s simply unsigned or from an unidentified developer (not actually damaged, just untrusted by default).

Step 3: for software you trust, remove the quarantine attribute

xattr -d com.apple.quarantine /Applications/SomeApp.app

This is the standard, legitimate way developers and experienced users unblock software they’ve verified is safe but that Apple hasn’t notarized — only do this for software from a source you actually trust, since removing quarantine also removes the safety check it exists to provide.

Step 4: alternatively, allow it through System Settings

System Settings → Privacy & Security → scroll to the blocked-app
                   notice → "Open Anyway"

This appears only after you’ve already attempted to open the app once and been blocked — a slightly more guided, GUI-based equivalent to Step 3.

Step 5: verify the download wasn’t actually corrupted, if this is a fresh download

shasum -a 256 SomeApp.dmg

Compare against a checksum published by the software’s actual distributor, if one is available — a genuinely corrupted download (as opposed to a merely-unsigned one) is a real possibility worth ruling out, especially if re-downloading the file resolves the issue without needing any of the steps above.

Step 6: re-download from the original source if in doubt

If you’re not confident about a specific download’s integrity or origin, downloading fresh from the software’s official site or the Mac App Store — rather than removing quarantine on a file you’re uncertain about — is the safer path.

Why this message is worded so alarmingly for what’s usually a benign situation

Apple’s phrasing here errs deliberately on the side of caution — telling an average user “this might be unsafe, delete it” is a safer default message than a more nuanced but harder-to-parse explanation of code signing and notarization status. For anyone who understands what’s actually happening and trusts the specific software in question, Steps 3 and 4 are the legitimate, intended way to proceed — not a workaround exploiting a bug.