While malware that targets Macs isn't nearly as common as malware that goes. Some form of malware, try using a friend's Mac to create an emergency Mac OS. Avast Security (for Mac), Avira Free Antivirus for Mac, and Sophos Home Free (for Mac) are totally free for personal use, although Sophos technically limits you to three devices, macOS or Windows.
Show More Macs may be a far less tempting target for malware and viruses, but they’re not immune from attack. Even if you don’t care about or being used as a, it’s still possible to fall victim to, password theft,. Accordingly, good antivirus software will protect your Mac on all of these fronts. It’ll catch malware that’s still spreading or in circulation; block ransomware; protect older systems with out-of-date software from security vulnerabilities; prevent your Mac from acting as a carrier for malware aimed at other operating systems; and keep infected files off of any virtual machines you’re running. Antivirus for Mac cheat sheet Our quick-hit recommendations:. Best paid antivirus for Mac:.
Best free antivirus for Mac: Many antivirus suites provide a decent level of protection, but a few rise above all others by providing the very best in performance. Our top contenders dominate by posting perfect (or virtually near perfect) scores from security research labs, passing our own malware detection tests with flying colors, offering well-designed interfaces, and even throwing in extra features like a firewall or password manager. This article was updated 6-26-18 to include an new review for McAfee Total Protection.
Looking for Windows antivirus recommendations? You can read about the on our sister site, PCWorld. Latest antivirus for Mac news. More than $1.1 million was lost to cybercrime every minute in 2018. That’s the key takeaway of the latest In total, more than $600 billion will be lost to cybercrime and nearly 980 million people will be attacked in 2018.
North Korea’s alleged state-sponsored hackers, the Lazarus Group, has launched its first known malware attack against Mac computers,. Kaspersky says a third-party “trojanized cryptocurrency trading application. Compromised several banks and infiltrated a number of global cryptocurrency exchanges” to steal digital currencies like Bitcoin. Enterprise security firm Cylance is launching its first consumer-grade package:.
![Best Security Software For Mac Os X Best Security Software For Mac Os X](/uploads/1/2/5/4/125430431/539904752.jpg)
The new software claims to use advanced, predictive AI to kill threats, all with a consumer-friendly interface and minimal penalties to device performance. Best overall antivirus software. On Sophos Sophos Home Premium has the most extensive and up-to-date approach to fighting malware at an unbeatable price. Has it all: Effective malware protection, ransomware monitoring, protection against potentially-unwanted-apps, and additional features that often require separately licensed software. Its cloud-based configuration and generous licensing (up to 10 Macs and PCs) also make it easy to shield friends and family from threats, no matter where they live. (Full details available.) Best free antivirus software. Though Sophos does offer a good free version of its software, edges it out as the best free antivirus software for macOS.
In security lab tests, Avast detected 99.9 percent of macOS malware, and 100 percent of Windows malware. However, if you want more advanced protection (like ransomware detection), you'll need to upgrade to paid software. What to look for in antivirus software By our reckoning, antivirus software should be able to neutralize a threat before it can begin wreaking havoc. That means preventing the download, installation, or execution of malicious software. Since you can encounter threats by visiting compromised or malicious websites, receiving virus-laden attachments, or accessing USB drives with malware, good AV software should scan on a continuous basis unless you configure it otherwise.
And ideally, files identified as malicious should be quarantined into a special storage area managed by the AV software, with the option to automatically delete files known to be malware or repair normal documents that also carry devious payloads. Great AV suites also will monitor the filesystem for certain kinds of changes. Ransomware—which is malware that will rapidly encrypt user files like documents and mailboxes and then delete the originals—has become a huge moneymaker on other platforms. As a prime opportunity for attackers, it’s the greatest danger Mac users likely face as a category.
Macworld Detecting this pattern and halting it before any files are unavailable should be possible without an anti-malware system knowing the specific innards of a ransomware virus. Sophos, our top pick, includes this feature in the Home Premium version of its 2018 update.
Other vendors, like Avast and Trend Micro Antivirus, offer an alternative feature that allows you to whitelist programs allowed to manipulate files in specific directories. So if this particular type of attack becomes rapidly popular, you’ll be protected. Good antivirus software should also use minimal computational resources. That’s especially the case these days—AV monitoring hasn’t become much more complicated than when it first became available, and faster, multi-core CPUs can easily handle the demands of running AV software in the background without disturbing your active work. Beyond these primary features, an easy-to-navigate interface and extra features are worth factoring into your decision. Some AV software are full-fledged suites that offer additional options like backup service for essential files, a password manager, parental controls, anti-tracking and privacy modes or options, a more advanced firewall, and the blocking of Potentially Unwanted Applications (PUAs).
How we test Each software package is evaluated creating a clean installation of High Sierra, cloning it for each AV product, and then booting separately into each one to install a different package. This was to ensure that previous app installations didn’t interfere with new ones—sometimes AV software treats other AV software as an infection. In addition to visiting malicious websites, downloading known malicious software, and even running said malware, we also referenced the most recent reports from two labs that regularly cover macOS malware: (July 2017) and (May 2017). These laboratories test AV software against sets of known malware as well as products that are grouped as potentially unwanted applications (like adware). The latter doesn’t damage or expose your computer or its files but may consume power and CPU cycles. Because the testing effectively looks at a combination of virus databases and behavior, they remain good gauges even after many months. When an antivirus software package lacks a rating from a known security research lab, we do more extensive testing with real malware.
Finally, while we gave props for a lot of different features and behaviors, we marked products down if they lacked any or all of the following:. A nearly perfect score on macOS malware detection. Ransomware monitoring. Native browser plug-in or system-level Web proxy.
A high score on Windows malware detection Privacy concerns Using an anti-virus product, especially any that includes tools to also improve your online privacy, may lull you into believing you’re safe from personal and private information leaking out. That’s not quite the case. While there’s no reason to panic, you should consider a few reasonable issues. First, an antivirus product may upload the complete text of files flagged to the cloud, where it can be analyzed by separate tools hosted there. This practice is normal and sensible: Some malware can detect when a running process may examine it, and will then engage in subterfuge.
![Best security software for mac os x download Best security software for mac os x download](/uploads/1/2/5/4/125430431/244751652.png)
Antivirus software makers also can access their massive databases to examine files with characteristics that trigger their algorithms—certain elements that match known malware. As a result, security researchers discover new viruses, worms, Trojans horses, and the like. Macworld However, helping the greater good means you’ll have to be comfortable with trusting a third-party with your file contents. Where appropriate, we noted privacy policy issues in individual reviews.
Second, this software may also rely partly or entirely on cloud-based checks of URLs, malware, and the like. Accordingly, an AV package might upload every URL you visit, metadata about files, signatures of files, information about your computer’s hardware, a list of running or installed applications, and more. Companies vary on their disclosure of such policies, and may not let you opt out of this kind of sharing. We note issues in each review as available. Third, anti-virus software makers also get a sense of what behavior is happening on your computer that’s being monitored or blocked, and may use that information for their own purposes. In some cases, you can opt out of this information gathering.
All of our antivirus for Mac reviews If you have specific requirements or just wish to see other options, below is a list of all the antivirus software we’ve reviewed. We’ll keep evaluating new and refreshed software on a regular basis, so be sure to come back to see what else we’ve put through the ringer.
+ + The Evolution of Mac OS X Security and Privacy Features Posted on February 17th, 2016 by The ever-changing threat landscape has necessitated the evolution of computer operating systems, and OS X is no exception. It has become increasingly clear that Macs were not simply 'safe' right out of the box. Mac malware and exploits are really out there in the wild, and not just some mythical menace.
Mac users have also been targets of fraud, identity theft, and espionage campaigns, just like their Windows-using brethren. To help protect its customers and combat some of these threats, Apple has added many security and privacy-enhancing features to OS X over the past decade. With each major revision, along with incremental security updates, Apple has continued to improve the Mac's baseline security. Following is a timeline of security improvements that Apple has made starting with the release of Mac OS X 10.4 Tiger and continuing through subsequent versions of the Mac operating system, up to and including OS X 10.11 El Capitan.
Mac OS X 10.4 Tiger (released in April 2005) After 2004 saw the introduction of OS X Trojan horse, including the much-publicized Renepo/Opener, Apple needed to do something to beef up Mac security and help users feel safe again. In Mac OS X 10.4 Tiger, Apple included a new feature called, an early attempt at helping users identify when they were about to download something that could potentially be harmful, including applications, scripts, and webarchives (complete pages saved with Safari). The feature wasn't foolproof, however; it treated pictures, video and audio files, and PDFs as 'safe,' meaning that attacks such as PDF exploits could easily be perpetrated in spite of Download Validation. Apple added access control lists (ACLs) to Tiger as a supplement to traditional UNIX file permissions. You can read more about OS X ACLs at.
Tiger also added an ' metadata feature to the file system, which paved the way for Leopard's quarantine bit mentioned below. Mac OS X 10.5 Leopard (released in October 2007) In Mac OS X 10.5 Leopard, Apple added a feature known as File Quarantine, which consisted of adding an extended attribute flag (com.apple.quarantine) to files downloaded from the Web (via Apple apps such as Safari, or via third-party apps that chose to implement the feature).
When certain types of downloaded files were opened for the first time, users were presented notifying them of the site from which it was downloaded as well as the date and time of the download. Image credit: Joshua Long The ability for developers to was also introduced in Leopard. Since then, this feature has received significant improvements, and it's important to note that code signing was a prerequisite for Apple's eventual addition of 'Gatekeeper' functionality to Mountain Lion as well as the final version of Lion (read on for more about Gatekeeper).
Leopard was the second and final major release of Mac OS X to officially support both PowerPC and Intel processors. Leopard's PowerPC version (which ran on G5 and higher-end G4 processors) was the first version of Mac OS X to not include the '.' From the very first version of Mac OS X all the way through Tiger, Classic had enabled software written for Mac OS 9 or earlier to run alongside Mac OS X applications. A side effect of Classic's demise was that most malware developed prior to OS X could not infect upgraded Macs. Mac OS X 10.6 Snow Leopard (released in August 2009) The most well-known security enhancement in Mac OS X 10.6 Snow Leopard is Apple's introduction of XProtect, which Apple somewhat confusingly called the 'safe downloads list,' even though it was originally designed to block certain known malware from being downloaded. In September 2012, Apple enhanced the XProtect functionality to also block outdated versions of two common browser plug-ins, Adobe Flash Player and Oracle Java, which were often exploited by malicious or infected Web sites and advertisements, and in January 2016 Apple began blocking outdated versions of Microsoft Silverlight. As of February 2016, Apple continues to update the XProtect signatures for Snow Leopard, even though Apple has long since stopped patching the core Snow Leopard operating system along with its versions of Safari, iTunes, and other components.
Anyone still using Snow Leopard would be wise to upgrade to the latest version of OS X if their Mac can handle it (see '; stay tuned for an El Capitan update, coming soon). As nice as it is to have a 'bad download' blocker built into OS X, it is important to note that XProtect's static signatures are typically only updated once or twice a month, and only when there's a particularly wide outbreak of Mac malware or a high prevalence of Flash or Java exploits that may affect Mac users. As such, XProtect is extremely unlikely to protect against exploits, new malware families, strategically altered variants of existing malware, or even whole categories of malware such as Word and Excel macro viruses (yep, and are ). Furthermore, XProtect does not actively scan your computer for threats, and it cannot do anything to help you if your Mac is already infected. While better than nothing, XProtect can only be reasonably considered a supplement to, and not by any means a replacement for, an actual. Apple itself admits this; the company in 2009, 'The feature isn't intended to replace or supplant antivirus software, but affords a measure of protection against the handful of known Trojan horse applications that exist for the Mac today.'
Although Apple tried to downplay the prevalence of Mac malware at the time, a significant number of new threats targeting the Mac have been in the wild in the intervening years; see (covering the 1990s through November 2014) and our (covering 2006 through the end of 2015). It cannot be emphasized enough that using a Mac without antivirus software in today's day and age is quite a bit like driving on the highway without a seatbelt; you might get lucky and never get hit, but it would be rather reckless to take that risk.
We urge you to check out and decide which is best for you. OS X 10.7 Lion (released in July 2011) OS X 10.7 Lion introduced FileVault 2, offering full-disk encryption. This was an improvement upon the FileVault feature of previous versions of OS X which only had the ability to encrypt individual user accounts. FileVault 2's whole-disk encryption is more secure, in part because virtual memory swap files, system logs, and other potential sources of data leakage are encrypted. We've previously covered; search for and click 'load more posts' to find even more articles.
Apple also made security enhancements to (ASLR), making programs more attack-resistant by using memory in less predictable ways. Was introduced in Lion, designed to suppress potential damage caused by third-party applications or the exploitation thereof, and to reduce a compromised or misbehaving app's ability to steal or damage a user's data. Image credits: Apple,; inspired. Apple also added the new Gatekeeper feature from OS X 10.8 to the final version of Lion, 10.7.5.
OS X 10.8 Mountain Lion (released in July 2012) The most notable security improvement in OS X 10.8 Mountain Lion was, a feature designed to help prevent malware and sketchy programs downloaded from the Internet from running. It added a new set of options in the Security & Privacy section of System Preferences, where the user could choose to allow applications downloaded from: the Mac App Store only, the Mac App Store and 'identified developers' (meaning developers registered with Apple), or anywhere. Image credit: Apple Does Gatekeeper really help?
Well, it certainly adds an additional hurdle that makes it a bit more difficult to infect a Mac with drive-by downloads or other deceptive tactics. However, sites hosting malware can trick victims into using a workaround to open apps from unregistered developers.
It's as simple as asking the victim to, after the download completes, control-click on the app and select Open, which brings up a dialog box with an option to open the program even if it's from an unidentified developer. Worse yet, malware authors can (and sometimes do) register for Apple developer accounts, or hijack legitimate developers' accounts, to become an 'identified developer,' so they can bypass Gatekeeper's default settings. Here's signed by Apple's Root Certificate Authority. And, of course, occasionally Apple has accepted apps into one of its App Stores that turned out to have some questionable or even malicious functionality. Nevertheless, choosing a stricter default setting for Gatekeeper can be helpful for casual users who rarely if ever download new software. Aside from Gatekeeper, Mountain Lion also introduced a feature called that could be enabled to allow applications to more accurately determine one's geographic location.
Along with this feature came a new privacy option in System Preferences, allowing users to see which apps had requested their location within the last 24 hours, or to disable Location Services on a per-app basis. Image credit: Apple Apple also made improvements to its application sandboxing functionality in Mountain Lion. For more information, you can watch a (requires Safari) covering Mountain Lion's new App Sandbox features. As noted previously in the Snow Leopard section, a couple months after Mountain Lion's initial release, Apple upgraded XProtect's functionality to start blocking outdated versions of the Flash Player and Java plug-ins, and this feature was retrofitted into Lion and Snow Leopard's versions of XProtect as well. OS X 10.9 Mavericks (released in October 2013) In OS X 10.9 Mavericks, Apple introduced, a feature designed to synchronize usernames, passwords, credit card information, and Wi-Fi networks between Mac and iOS devices. This is essentially Apple's answer to the growing popularity of password managers; Apple would prefer to handle this for you (and, of course, keep you locked into the Apple ecosystem by doing so).
Apple does use to protect iCloud Keychain data, but the paranoid among us tend to be at least a bit concerned about so many users' passwords being stored in one place in the cloud; it makes Apple's iCloud servers a potentially huge target for determined groups of attackers with vast resources. In Mavericks, Apple began to (PDF link; 'kext' is short for kernel extension) installed in /Library/Extensions as a means of preventing unregistered developers from making persistent modifications to the operating system's kernel. Apple also improved file sharing security in Mavericks by adding support for SMB2 (Server Message Block 2), which became the new default Mac file sharing protocol rather than AFP (Apple Filing Protocol), and also became the default Windows file sharing protocol in Vista. For further reading, see the (PDF) and of the protocol. OS X 10.10 Yosemite (released in October 2014) Yosemite introduced a new feature of Apple Mail called, which allowed users to send 'attachments' of up to five gigabytes without actually attaching a file to the e-mail. A security and privacy advantage of Mail Drop is that attachments expire thirty days from when the e-mail is sent; after that they can no longer be downloaded.
Thus if the recipient's e-mail account gets compromised at some point more than thirty days in the future, an attacker won't be able to retrieve past 'attachments' you sent them, whereas with traditional attachments they would be able to retrieve them. Unfortunately, Mail Drop is currently limited to (what Apple deems) attachments 'too large to send in email,' so not everyone can take advantage of this feature for any attachment. The version of Safari included with Yosemite defaulted to showing only the domain in the address bar, rather than the entire URL. That this increased security for the average user, because it prevented attackers from hiding behind convoluted URLs such as paypal.com.login.edu (which could be mistaken for a page on PayPal's site; 'login.edu' is the actual site in this example). Users can still see the full URL by clicking in the address bar. Another change to Yosemite's Safari was that, for the first time, Apple introduced per-window Private Browsing, making the feature a bit more convenient. Apple introduced the Swift programming language alongside Yosemite, which has a number of.
Although Apple does not force developers to use Swift (at least not yet), Apple has given developers an easier way to write software that is inherently more secure. OS X 10.11 El Capitan (released in September 2015) The most important new security feature in OS X 10.11 El Capitan is Apple's introduction of, a feature designed to prevent a privileged user or software running as root from modifying or tampering with certain important system files and folders, as well as every running process. This can prevent a user from accidentally damaging the OS, and it's also designed to help (PDF) where it can be more difficult to remove. System Integrity Protection is enabled by default, but Apple currently allows users to disable it after booting to the Recovery partition. Apple also introduced App Transport Security (ATS), which encourages developers to use HTTPS and more specifically TLS 1.2 with forward secrecy (the latest successor to SSL), when their apps initiate Web requests to back-end servers (for example, to send or receive user data from the 'cloud'). Apps created for El Capitan and iOS 9 have this feature enabled by default, but for now Apple allows developers to easily opt out and continue making connections using weaker encryption (e.g. SSL) or without encryption (HTTP).
Additionally, Apple updated XProtect in January 2016 to browser plug-in (which Microsoft is ). This XProtect update was retroactive all the way back to Snow Leopard.
Each new version of OS X released over the past decade has included additional features, enhancements, and modifications that have improved the baseline security of the operating system. It is commendable that Apple continues to make efforts to increase OS X's security in new ways with each release. Of course, as is expected of major software companies, Apple also releases to remediate vulnerabilities discovered in the current (and often one or two previous) versions of the OS. Do all of these security features actually help make Macs more secure?
As mentioned to some degree above, many security enhancements can be worked around by a determined attacker (for further reading, see on the topic). Even with all that Apple has done and continues to do to keep Mac users safe, it's critical for users to stay aware of the various types of attacks they may face on a daily basis, and to continually learn how to avoid falling victim to them. We encourage you to subscribe to The Mac Security Blog via the e-mail sign-up form in the sidebar, and to follow us on and, to stay abreast of Mac security threats.
Whether Mac users want to admit it or not, in this day and age, it's necessary to take additional precautions to protect oneself from common threats; we cannot rely on Apple alone to protect us. Naturally, we recommend that users take a look at that can help keep you safer and more secure at home or at work. We've also previously covered a few third-party and (these are not endorsements, but can give you a good idea of what else is out there). About Joshua Long Joshua Long , Intego's Chief Security Analyst, is a renowned security researcher and writer. Josh has a master's degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Business Administration and Computer and Information Security. His research has been featured by many fine publications such as CNET, CBS News, ZDNet UK, Lifehacker, CIO, Macworld, The Register, and MacTech Magazine. Look for more of Josh's security articles at and follow him on.
This entry was posted in, and tagged,. Bookmark the.