Your Mac May Not Be as Safe From Malware as You Think

Mac enthusiasts love to boast that their machines are invulnerable to malware. In fact, most PC-to-Mac converts do so in flight of the nuisances of Windows malware. Malware authors have primarily targeted Windows machines because the vast majority of desktop computers run on one Windows operating system or another. However, Mac malware does exist, and it’s starting to become more common.


Although OS X has some innovative protection features, it can’t protect Mac lovers from every piece of malware on the Internet. Installing antivirus for Mac software is an inexpensive way to add a layer of protection to your Mac experience. Although antivirus protection is no guarantee that you’ll never download a piece of Mac malware, it will block out most problems that could take your iMac or MacBook out of commission.

What Makes Mac Safer?

It’s true that malware developers target Macs less frequently than Windows computers. However, it’s also true that OS X has certain features that protect Mac computers from malware.

  • File quarantine. Mac applications that can download files, such as the Mail application or the Safari Web browser, use a file quarantine feature. Instead of opening the file, your Mac computer will display a gray box that says, “Are you sure you want to open it?” This feature is useful if you download a file that you think is an image, a music file or a movie. If the file contains any kind of application, then you should move it to the Trash.
  • Known malware check. In addition to quarantining downloaded files, Mac OS X v10.6 (Snow Leopard) and later scan downloaded files for known malware. When you try to open it, the file will say, “[File name] will damage your computer. You should move it to the Trash” or “You should eject the disk image.”
  • Web plug-in blocks. Many types of malware live inside vulnerable Java and Flash plug-ins. Apple disables vulnerable versions of these plug-ins so that they can’t run on your Mac.


XProtect and Gatekeeper

XProtect is Apple’s native malware scanner for Mac, which has been in place since Snow Leopard. With Lion, Apple introduced Gatekeeper, which validates an application’s digital signature before running it. In Lion, Mountain Lion and Mavericks, OS X users can authorize only applications from the Mac App Store, allow all applications or allow both Mac App Store downloads and applications from Apple-certified developers. If you try to open an unauthorized application, your Mac will display a gray box with the message, “[File Name] cannot be opened because it is from an unidentified developer.”

Although both XProtect and Gatekeeper are good programs, they each have vulnerabilities. Native Mac applications may have file quarantine, but third-party applications may not support it. If a peer-to-peer file-sharing network doesn’t support quarantine, for example, then you can easily download an infected file onto your Mac. You can try downloading a file from a trusted source and then open the file to run it. If you get no “Are you sure you want to open it?” message, then the source doesn’t support file quarantine, and anything you download could bypass XProtect.

With Mavericks, Apple created a possible malware backdoor that could bypass Gatekeeper. One Mavericks user can use the “Security & Privacy” panel in “System Preferences” to launch a blocked app. If the app gets transferred to another machine via file sharing or USB drive, then the permission that the original person set on the first machine passes to all subsequent machines. Therefore, the recipient loses Gatekeeper protection if the sender disabled it before sending the file.

Antivirus for Mac: Performance vs. Protection

Mac users often worry that antivirus software will affect their MacBook’s or iMac’s performance. Look for antivirus for Mac software offering a free trial period so you can test how it affects your computer’s performance. Set up your antivirus scans to run at night or on the weekends when you’re not using your Mac. Most importantly, make sure to buy from a verified security company; never purchase or download an unverified antivirus solution. Never forget about MacDefender, the Mac malware that posed as antivirus software.

Mac is invincible, but with a combination of antivirus software and OS X’s built-in protections, you’re far less likely to experience problems with a Mac than you are with a PC.

iMac and MacBook image by Antonio Tajuelo from Flickr Creative Commons

Mavericks screen image by Joseph Nicolia from Flickr Creative Commons

Comments Closed

Comments are closed. You will not be able to post a comment in this post.