Tech 101: Do Macs Need Antivirus Or Anti-Malware Software?

One reason that many people move from the world of Windows to macOS is because they’re tired of the hassles of having their PCs infected with viruses and other malware. The other reason? The miseries of the tools that allegedly fix those problems but cause even new PCs to run slowly and crash more often. When new Mac owners first set up their new machines, one question they may have is whether or not they’re taking a risk by not installing that same genre of application on their Macs.

The answer to the question “Do Macs need antivirus or anti-malware software?” is “No, but…” As a Mac user since late 1984, I have never had a virus, and I’ve rarely seen malware that caused an issue for more than just a few minutes. That includes the early days of Mac when the operating system wasn’t Unix-based with all of its built-in security features.


So, as a longtime Mac owner and user, a former Mac consultant, and a writer specializing in the world of Apple devices, I’ve usually used my Macs with absolutely no anti-virus or anti-malware software.

Am I just lucky? Not really, because even without a specific antivirus or anti-malware package installed, I take a lot of precautions and Apple has built in a number of “safety nets”. They’re the functions that are constantly monitoring what’s going on behind the scenes on your Mac to keep you safe. First, I’ll talk about Apple’s safety nets, then other precautions that can help keep your Mac safe with minimal fuss.

Apple’s Built-In Safety Nets
The first safety net keeps you protected from most malware. XProtect runs constantly in the background on OS X and macOS machines. It’s installed by default, runs without user intervention, and is even updated automatically. Since it is part of the operating system, it’s also very fast and doesn’t cause the usual slowdowns associated with dedicated antivirus/malware apps.

As Apple is made aware of vulnerabilities and malware, both from “white hat hackers” and security firms, it invisibly patches XProtect to keep your Mac protected.

XProtect matches files and applications that have been downloaded to your Mac against a list of known “bad guys”. If it catches a malicious file, you’ll be notified immediately, usually with a message stating that “the file may damage your computer”, the type of malware or virus it caught, and a warning to move the file to Trash immediately.

Gatekeeper is another handy tool that’s watching out for you. Have you ever downloaded an app from somewhere and seen a message that said something like “‘App name’ can’t be opened because it was not downloaded from the Mac App Store” or “‘App name’ can’t be opened because it is from an unknown developer”? That’s Gatekeeper at work.

Gatekeeper is another part of macOS that builds upon the XProtect malware protection to ensure that apps that have not gone through the rigorous vetting to get into the Mac App Store, or that have not been digitally signed by a developer, cannot do anything bad to your Mac.

One thing about Gatekeeper is that it can be set up to provide various levels of “gatekeeping”. This is done by launching System Preferences > Security & Privacy > General, and then selecting one of the available choices. If you like living on the edge of danger, you can set it up to allow downloads from “Anywhere”, but this is not recommended, as there’s a higher probability of downloading an app with a malicious payload.

Instead, leave the setting at “Mac App Store and identified developers”. This is the default setting and allows Mac App Store apps and those from developers that have used digital signing on their apps to be immediately downloaded and installed. If the setting is left at “Mac App Store”, any file downloaded from another site — like a trusted developer’s website — will not be allowed to install on the Mac.

On occasion, you might get a warning from Gatekeeper about an app that was downloaded from another site. You may get the option to still install it, but if the dialog that appears doesn’t give you that option, you can right-click it and select “Open” from the contextual menu to launch it.

Now let’s talk about other precautions that you should take if you want to forgo antivirus or anti-malware software on your Mac.

Enable Your Mac Firewall
macOS has a built-in firewall, basically a software “cop” that watches the various TCP and UDP ports associated with your Wi-Fi or Ethernet network. Your Mac needs to have some of these ports open in order to communicate with the rest of the world; for example, port 80 is needed for http (hypertext transfer protocol) — that’s what sends the bits and bytes to your web browser to let you see this page. Secure IMAP (for email) wants to have TCP port 993 open, and so on…

The firewall pretty much shuts down all TCP and UDP ports that are unneeded so that a digital attack can’t sneak in through a targeted port. On occasion, you may install an app that requires access to a particular port; those apps generally provide instructions on how to enable the port.

Most cable or ADSL modems and Wi-Fi routers also have firewalls built in and enabled by default; enabling the Mac firewall provides another layer of protection. To turn it on, just go to System Preferences > Security & Privacy > Firewall, and if the firewall is turned off, click the lock in the lower left corner of the window and enter your administrative name and password, then click the Turn Firewall On button.

Other ports can be opened or individual applications allowed to work with specific ports by clicking on the Firewall Options button.
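
The Gatekeeper and firewall settings described above can also be checked from Terminal. The script below is an added example, not part of the original article; it reads the output of the macOS tools spctl and socketfilterfw, and the function names classify_gatekeeper, classify_firewall and report are made up for this illustration.

```sh
#!/bin/sh
# Added example: check the Gatekeeper and firewall settings from the command line.

# spctl --status prints "assessments enabled" or "assessments disabled";
# "disabled" corresponds to the "Anywhere" choice the article warns against.
classify_gatekeeper() {
    case "$1" in
        *"assessments enabled"*)  echo OK ;;
        *"assessments disabled"*) echo WEAK ;;
        *)                        echo UNKNOWN ;;
    esac
}

# socketfilterfw --getglobalstate prints "Firewall is enabled. (State = 1)"
# or "Firewall is disabled. (State = 0)".
classify_firewall() {
    case "$1" in
        *"Firewall is enabled"*)  echo OK ;;
        *"Firewall is disabled"*) echo WEAK ;;
        *)                        echo UNKNOWN ;;
    esac
}

# Print one line per control; return non-zero unless both are OK.
report() {
    gk=$(classify_gatekeeper "$1")
    fw=$(classify_firewall "$2")
    echo "Gatekeeper: $gk"
    echo "Firewall:   $fw"
    [ "$gk" = OK ] && [ "$fw" = OK ]
}

# On a Mac, query the real tools; on any other system do nothing.
if [ "$(uname -s)" = "Darwin" ]; then
    report "$(spctl --status 2>&1)" \
           "$(/usr/libexec/ApplicationFirewall/socketfilterfw --getglobalstate 2>&1)" \
        || echo "Review System Preferences > Security & Privacy"
fi
```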

Keep Your Apps and Operating System Updated
Almost every app or operating system update made by Apple or third-party developers includes security updates. Sadly, many people still forgo updating their operating system or apps to the latest and greatest versions. If your apps provide a way to automatically download and install updates, enable that process. When those annoyingly slow Microsoft Office updates appear, run them. When you read on the Rocket Yard that a new version of macOS (or an update to an earlier version of macOS X) appears, run it.

Don’t Install Apps From Shady Developers or ‘Freeware’ Sites
It never ceases to amaze me that people who are willing to spend thousands of dollars on the latest Mac hardware can be so frugal when it comes to software. I’m talking about folks who don’t want to spend money on apps, so they go to freeware or torrent sites where they can get cracked versions of apps free.

That free software — if you’re unsure of its provenance — can ruin your day. If a “free” version of an app seems too good to be true, it probably is. While some software pirates just want to keep valid development firms from making profits that can be rolled back into research and development, others like to load those apps with a little extra malware.


Pay for your software to support the developers who work hard to make the best possible products. For apps you’re not sure will do the trick for you, see if they have a trial version available before you buy. Not sure about a developer’s pedigree? Do Internet searches and find out if they’re a valid company. Read websites such as the Rocket Yard to find recommended free apps and utilities from reputable firms.

Still Not Feeling Comfortable? Install Antivirus or Anti-Malware Software
You may still not feel comfortable with not having antivirus or anti-malware apps installed on your Mac. If that’s the case, then it’s perfectly acceptable to buy security apps from the big names in the business and install them.

Bitdefender Antivirus for Mac is well-liked and reputable, as is Sophos Home for Mac. The latter app has an extra bonus — it’s free. The big names like Symantec/Norton, Kaspersky, and Trend Micro all have products as well, so be sure to look around before deciding on a package — if you really feel that you need one.


LEAVE A COMMENT


  • It’s also good practice to set a separate admin account for your Mac and set your normal, day-to-day user as NOT having admin privileges. It’s a simple step that may help you one day…




  • Before reading this, I gave little thought to the idea that an update to an app might be for security purposes. I have resisted doing updates because they invariably resulted in changes to the format or operation, or so it seemed, that I had become familiar with. Not so from this moment forward. Thank you for updating my brain!




  • I’m surprised you didn’t give Intego a shoutout. I’ve run their software for years and been very happy.




  • The firewall is an application firewall, not a network firewall:

    https://support.apple.com/en-nz/HT201642

    To add more security for your Mac use pfctl:

    man pfctl

    pfctl — control the packet filter (PF) and network address translation (NAT) device

    Or a nice front end to manage the complexity, something like this:

    murusfirewall.com/

    Murus is a front end for the OS X built-in PF packet filter.
    Its main purpose is to speed up network firewall configuration and testing, using a simple interface. Filtering rules and networking options can be set dragging and dropping icons, changing their order, and selecting check boxes. There is no need to learn code syntax or to type shell commands. Everything is managed by visual elements like buttons, collections, lists, icons, leds.




  • Even with Mac OS’s built-in safeguards, I like having the extra protection of anti-virus/malware software. My anti-virus of choice, Intego, wasn’t included in the list in the last paragraph above, but I think it was around before most–perhaps any–of the others were.




  • I use Kaspersky. It does the job for me.




  • I always use an extra security layer, AVG is a free antivirus tool that does not overload the system.




  • I’ve used Macs to run my business with for 30 years now. In that time I have had only one or two instances of a virus or malware infection. It was so long ago I can’t remember exactly how long it took to research and get rid of it. But I know it was less than a day. I’ve purchased various Anti-Malware software over the years when one of the Macs seemed to be running unusually slow or crashed often. A few times the software did find something, and trashed it. Then because the software would make the computer almost unusable, I would turn the software off and be fine for another four years or so. Recently I had to clean a friend’s iMac that was severely infected due to letting a company tell him over the phone they had detected a virus and that they could get rid of it for X amount of dollars. Of course the price kept going up and the computer became less and less useable. I bought Bitdefender and it was able to either clean or point me in the right direction for everything they had installed on his computer. Within a couple hours I had his computer running smoothly again and to my surprise the Anti Virus software did not slow his iMac down. So if you do think you need Anti Virus software, I can definitely recommend Bitdefender as a product that will have little to no effect on the speed of your Mac or its stability. And it did an amazing job of cleaning up a severely compromised OS.




  • Well, I’ve had a MacBook Pro ruined (spinning beach ball of death and total freeze) by something and when I opened an email I sent from the MBP to a desktop G4, it too was ruined. Same thing happened to a PowerBook G4. I was running Avast on the MBP. A certified Apple specialist ran diagnostics on both hardware and software on the MBP and could find no problem, but it still exists. I’m now afraid to transfer all my files, apps, etc. over to my new MBP. BTW, I bounced this problem off a tech at OWC and he could not offer any solution. This happened less than two months ago.




  • I use Sophos or ClamXav. While the tools and best practices cited are good, I need to exchange files with people on various computers, and must be positive I am not distributing malware.
    I also have to use a lot of 3rd party tools that simply aren’t on the App store. Drivers and control panels for many audio and video tools fall easily under this umbrella.




  • Good to know, my Mac is about 8 years old and this is all stuff I forgot about. I will go back and review my settings, thank you.




  • I have trusted Apple who then stopped supporting iWeb, Final Cut Express, iPhoto, Aperture, and much of the expensive hardware I’ve purchased over the years, like my old Epson (expensive) scanner. If they acted in a responsible way, I just might trust them. What’s the point of the added expense of a new Mac without assurances?




    • If you still have your Epson scanner, or any scanner issues, try VueScan. I got a Canon MB5320 and the ADF gave an error and I notified him. He sent back a nice email and fixed it pronto!
      hamrick.com




    • That’s one hell of a first world problem you have there.

      I used iWeb and Aperture for years after support stopped.

      Or perhaps they came round to your home and took them away from you??




  • I agree with everything, except what about the Mac that you can no longer upgrade the OS?




    • If your Mac is old enough, Apple no longer supports the installation of the latest OS. And for the two old Mac Pros I have, that work great. It seems Apple has quit updating the old version of the OS. So I have no idea if they are even patching the old OS. But the machines run great and why get rid of them if they are doing their job. I understand why Apple cannot make their new OS to run on the old machines. It’s just sad some days when a perfectly good and very fast computer is outdated because it is 11 years old.




    • +1. I don’t catch malware, but I service the Macs of people who have. Most of it is adware/spyware installed with “frugal” or “coupon” software, or “helpful browser bars,” with only one client in 15 years who had anything worse (a Ukrainian DNS poisoner). In nearly all cases, I just download the free Malwarebytes for the Mac, and these nuisances all evaporate.