​Do Macs need antivirus software?Posted onAugust 22nd, 2019 byandOne of the most common questions Intego receives is whether Macs need antivirus software. Naturally, it’s fair for you to assume that our opinion may be a bit biased—not just because Intego offers antivirus software as well as a to protect Macs, but also because our malware researchers are at the front line, and regularly discover new malware that targets the Mac.But if you want to make your own informed decision about whether Macs need antivirus software, you’ll need to examine the facts.

Let’s explore such topics as what built-in protection macOS offers, what types of threats it can and cannot stop, and several common myths about antivirus software.First, let’s get some terminology out of the way. While the industry still talks about “anti-virus” software, there hasn’t been a virus that affects the Mac in a very long time (unless you count Microsoft Office macro viruses). However, malware—which is the broad category for any malicious software designed to do things such as damage or steal files, spy on a user by recording photos, videos, or keystrokes, or usurp a user’s identity—is rampant on both Windows and Mac. Mac malware is continually increasingMalware specifically targeting the Mac has been increasing significantly in recent years. According to, an independent malware research institute, “the number of malware programs for Apple‘s operating system macOS has almost tripled.

While the share of Mac malware compared to Windows malware is still quite low, there were nearly 100,000 samples found that affect Macs in 2018.”More recent reports have suggested that in particular, and that the total number of Mac malware threats rose 400% in 2019 and now.As Windows has become more secure and Macs have increased in popularity, many cybercriminals have seen an opportunity to expand the scope of their attacks. Mac users tend to be much more complacent, since the platform has a very good reputation for security. But while the Mac is perceived to be relatively safe from some perspectives, it certainly has its flaws; no platform can be 100% secure.Today’s malware differs from what we worried about in the early days of computing. Early viruses generally just deleted files or displayed strange screens or windows, but today’s malware is designed by cybercriminals who are in it for the money. Whether through stealing your credentials for a website or service, infecting your computer with ransomware, or, one of the main motivators for most malware makers is to make money.Cryptocurrency miners are an interesting example of a legitimate technology that has been turned into something that’s either malicious or undesirable (the latter is often abbreviated PUP or PUA, for potentially unwanted program or app).

XMPCR-redux XMPCR Receiver Control Status: Alpha. JavaScript is required for this form. Engineer’s Toolset™, and Network Topology Mapper (NTM). Each of these software tools was designed to help small businesses solve network issues and provide quick time to value at an affordable price. Start Free Trial.

Cryptojacking software uses a computer’s processor or graphics card to “mine” for Bitcoin, Monero, or other, without the knowledge or explicit consent of the user. The more devices can be hijacked for this purpose, the more money the perpetrators can make. And in some cases cryptojacking is done via JavaScript code embedded within a web page, so merely visiting a compromised site could lead to a drive-by attack.While it is helpful to advise people to only download software from reliable websites, avoiding malware is not as simple as abiding by that rule. There have been cases where developers’ websites have been hacked and their software has been infected with malware (e.g. Convert csv vcf file. —, and ), and other cases where into distributing malware,.

And while Apple’s Mac App Store is generally considered to be safe, there have been incidents where App Store apps were also laden with malware or PUPs (e.g. And ).Intego regularly discovers new malware, and very recently,. But beyond malware specific to macOS, there are new types of vulnerabilities, such as, which exploit weaknesses in the processors that run Macs, which in some cases can be easily targeted. As we wrote in our explainer about these vulnerabilities, “The end result of leveraging Meltdown and Spectre could include leaks of sensitive data such as passwords and credit card information, among other things.” Some Apple updates have partially mitigated the risk of these vulnerabilities, but newer devices aren’t completely impervious to such attacks, and many older devices aren’t protected at all. As malware creators continue to search for vulnerabilities, they will find others, and targeting the hardware instead of the operating system makes these vulnerabilities much more serious and difficult to protect against. But “anti-virus” software can often detect attempts to exploit known vulnerabilities, and can quarantine apps that try to do so (see for examples of other Mac malware that has been found).

Gatekeeper: Apple’s app verification protectionWhile macOS contains some protection against certain types of malware and PUPs that you may encounter, this protection is limited. Is one of Apple’s technologies designed to protect you from potentially malicious apps. The Mac’s Security & Privacy settings allow you to limit the installation of apps to just those apps downloaded from the App Store, or to the App Store and developers who have added an Apple-approved code signature to their apps.It’s possible to override these settings.

If an app is blocked, you can Control-click it and choose Open, and you’ll be shown a dialog asking you to confirm your action. Once you have done this, you won’t be asked again when you re-launch the app.Security researchers occasionally discover. Apple patched the most recent Gatekeeper bypass about two months after it was discovered, but it’s just a matter of time before someone finds another way around it. XProtect: Apple’s malware detection engineAnother technology in macOS is known in the industry as XProtect (nicknamed after the XProtect.plist data file in macOS). Apple does not use this name on their website, but rather talks about, and has in the past called it the (an ironic misnomer, since the XProtect data file could more accurately be described as a list of unsafe files).

This is a rudimentary, signature-based tool that detects certain specific types of malware after it has been downloaded onto your Mac, and warns you if you’ve downloaded something that Apple considers potentially dangerous. Apple also has a background utility called the Malware Removal Tool (MRT) to delete malicious software that may already be on your Mac. Apple has also used MRT to disable non-malicious but vulnerable software, in the case of the recent Zoom vulnerability, which we discussed on of the.When you download a file with Apple’s Safari, Messages, or Mail apps (or certain other apps that are properly configured, like many third-party web browsers), a quarantine bit is set. This tells macOS to check the file using the XProtect signatures at the time the file is opened. However, Apple’s quarantine system only tags files downloaded with those specific apps.

If you download files with another browser, from an FTP or other file server, or via cloud storage software like Dropbox or Google Backup and Sync, then this protection does not come into play. Also, while updates to XProtect are automatically installed by default on Macs, some people may turn off the automatic update feature and not get the updates in a timely manner. (You can learn all about macOS software updates in.) Moreover, Apple often takes a long time before they add signatures to XProtect, and they only include signatures for a handful of strains of malware, whereas Intego updates its malware signatures as soon as new threats are discovered and detects all known Mac malware (as confirmed by multiple independent tests).Now that we’ve looked at the built-in malware defenses in macOS and some of their limitations, let’s examine some common myths about Mac malware and third-party antivirus software. Myth #1: Malware only comes from “shady” sitesMany computer users—perhaps especially Mac users—believe the myth that if you simply avoid less-reputable places on the Internet—such as, porn sites, illegal gambling sites, or sites distributing copyright-violating content, illegal copies of software, or “cracks”—you’ll be able to completely avoid any malware infections.

Ah, if only it were that simple!Unfortunately, this is not the reality.

It was —and for basically everyone else on Earth, too, of course. But on Thursday we got a little bit of a sense of how Apple has weathered the storm so far and what might be in the company’s future, as Apple reported its quarterly results and spent an hour.As always, these federally mandated disclosures are unlikely to generate major news—though analysts often try to use the Jedi Mind Trick on Apple CEO Tim Cook to get him to preannounce new products. (It never works.) Still, there’s usually something useful to be gleaned from Apple’s executives, and this quarter was no exception. Optimism, but no promisesCook said that the quarter was actually shaping up to be a good one, “headed toward the top end” of Apple’s initial projections made in late January. We all know but Cook indicated that Apple’s business in China—which entered lockdown before the rest of the world and is now emerging from it—is now rebounding. “From a demand point of view, we saw an improvement in March over February,” Cook said.

“And if you look at kind of where we are today, we’ve seen further improvement in April as compared to March.” And Apple Retail did well in China during the quarter despite closing its stores for a month, with a lot of demand just shifting over to online orders, in a move Cook called “really phenomenal.”As for the rest of the world, Cook offered a little bit of optimism there, but of a different sort. He said that Apple saw some improvements in the second half of April in the rest of the world, but suggested that they were probably due to people realizing that the pandemic would be going on for the long haul and that they might want to invest in some new Apple equipment to use while working at home. AppleApple and CEO Tim Cook did not provide guidance for the next fiscal quarter.Still, the big news from Thursday was that Apple was refusing to provide guidance, a fairly standard procedure in which the company provides its best guess about how well it will do during the current quarter. Apple’s often accused of being overly conservative with its guidance, so that it can impress investors when it beats the prediction.

Lately, though, the company has been more accurate with its predictions. But this time? No guidance at all.“Given the lack of visibility and certainty in the near-term, we will not be issuing guidance for the coming quarter,” Cook said.

“Over the long term, though, we have a high degree of confidence in the enduring strength of our business.” It’s a message of overall stability and confidence, but the refusal to even make a prediction about what numbers the company will release in late July shows just how uncertain it is about how the COVID-19 crisis will play out. Apple is still chugging awayAnother major theme Cook hit on during Thursday’s call was Apple’s own resilience as a company.

The supply chain is “back up in full force,” Cook said. He pointed out that during trying times, the company managed to ship the iPhone SE, the iPad Pro and Magic Keyboard, and a revision of the MacBook Air. AppleTimes are tough, but Apple still managed to ship products such as the new iPad Pro and Magic Keyboard.“And so business continues,” Cook said.

“We’re continuing to work, everybody is getting used to the work-at-home. In some areas of the company, people may be even more productive—in some other areas they’re not as productive. It’s mixed, depending upon what the roles are.

But as you can tell from what we did this quarter, despite the environment, we have our head down and are working because we know that our customers want the products that we’ve got. They’re even more important in these times.”I’m really curious what areas of Apple have been found to be more productive in a work-from-home setting, and which ones are seeing productivity declines. I’m even more curious if that will lead Apple to make some changes to its corporate policies over time, to allow more employees to work remotely rather than being clustered in Cupertino and other Apple product centers. I also have been around Apple long enough to know that we’ll probably never get the answer to either of those questions. Services goes two waysThe weird quarter did nothing to stop the growth of Apple’s Services business, which grew 17 percent versus the year-ago quarter, the latest in a years-long streak of impressive growth. However, Apple CFO Luca Maestri made it clear that there are two different aspects to the Services business—one of which is largely unaffected by the COVID-19 crisis, and one of which is.“Our ecosystem is very strong,” Maestri said, citing double-digit growth in the number of paid accounts. Apple expects the App Store, Apple TV+, Apple Music, and iCloud to continue growing “at the same level of performance that we have seen during the March quarter.

We expect all those businesses to grow very strongly.” AppleAppleCare took a hit this past quarter.Then there’s the other part, which includes AppleCare and advertising. You may not think of AppleCare as a service, but it’s in the category—and in an era where retail stores are closed, it’s not doing very well. As for advertising, that’s a category that’s among the first to go during a global economic slowdown, and Apple does make some money from advertising—via search results in the App Store, in the Apple News app, and via other third-party agreements. That part of Apple’s Services business is not expected to soldier on through the crisis—it’ll fall. Whether it can do enough to slow the overall growth of the Services line remains to be seen. Products buoyed by the crisisIn these times of crisis, some Apple products may see more success than others. Specifically, Cook and Maestri mentioned the iPad and Mac as products that will do well over the next fiscal quarter.

“That’s customers that are either taking online education or working remotely,” Cook said. Maestri’s opening statement mentioned how “businesses everywhere have been making the transition to working remotely,” and cited the example of connected exercise-bike company Pelaton deploying “an entire fleet of Macs overnight so their team could work remotely.”Cook also said that some of Apple’s services, most notably FaceTime and Messages, “set new all-time records for daily volume during this quarter,” which isn’t surprising given that we’ve all been trying to find new ways to stay connected to friends and family while being isolated. Xiaomi/AppleApple CEO Tim Cook said the Apple Watch is being used for telemedicine.There’s also some opportunity for Apple on the health front. Cook pointed out that the ECG function on the Apple Watch is increasingly being used for telemedicine, to reduce the amount of contact between health care providers and their patients. “You can bet that we’re looking at other areas in this,” Cook said. “We were already doing that, because that area was a huge opportunity for the company and a way for us to help a lot of people.

And so you will see us continue on that. I wouldn’t say that the health door opened wider, I would say it was already opened fairly wide.”Rumors have swirled for years that Apple’s been toying with the idea of adding a pulse oximeter to the Apple Watch’s collection of sensors. Measuring the amount of oxygen in the blood has become a major diagnostic tool for COVID-19. You’ve got to wonder if Apple’s perfectly positioned to roll out new features like that in the near future, due to their long-term focus on health features. The international supply chain is doing fineWhen analyst Amit Daryanani of Evercore suggested that perhaps Apple’s manufacturing strategy could use a little bit of geographic diversity, with the implication that Apple’s too reliant on China.

Cook pushed back, surprisingly hard.“Our supply chain is global,” he said. “And so our products are truly made everywhere. And I would focus on that, versus focus on one element of the manufacturing process, which tends to get more visibility, which is the final assembly.” That’s not to say that Apple might not learn some things from this crisis and make changes to how it does business. “We’re always looking at tweaks as we get out of this totally, we will look to see what we learned and what we should change,” Cook said. Apple invests through the downturnWe are living through perhaps the biggest economic event of our lifetimes.

Hard times can ruin some fortunes while building others. As of the end of March, Apple was sitting on a net cash hoard of $83 billion. It continues to buy back stock and provide cash dividends for its investors. And you’ve got to imagine that, if Apple finds ways to use that cash to buy key companies or technologies that are struggling during the downturn, it will do so.“Nothing has changed on our approach” for mergers and acquisitions, Maestri said.

“We’ve been quite active over the last several years. We purchase companies on a very regular basis.

We’re always looking for ways to accelerate our product roadmaps or fill gaps in our portfolio, both on the hardware side, on the software side, on the services side. So we will continue to do that.”More broadly, Maestri said that the company feels it’s got a strategic advantage to continue to invest in innovation, products, and the development of its services portfolio. “We will continue to invest in our pipeline,” he said. “We will try to balance the need to continue to invest during difficult circumstances, and the fact that we like to manage the business wisely.”Apple invested through the 2007 recession and ended up more powerful than ever before at the end of it. Having $83 billion saved away for a rainy day certainly does wonders for one’s confidence during trying times, doesn’t it? I’d imagine Apple will emerge into a post-COVID-19 world as an even bigger player on the scene.