Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Does your Mac really need antivirus software? We asked the experts

There’s an age-old belief in the tech world that Macs don’t get malware. Well, we know that isn’t true — security firm Malwarebytes uncovered several new threats specifically targeted at Macs in 2020 alone, and notable instances of Mac malware have been uncovered in the past. But is it true that Macs are less vulnerable than Windows PCs?

Macs have a lot of built-in features that can be powerful tools in the fight against malware. But are they enough? These features come with every Mac by default, so is there really a need to install third-party antivirus software on your computer? We asked the experts.

Vulnerabilities in Apple’s systems

Macbook Air (2018) Review
Riley Young/Digital Trends

The belief that Macs are fairly resilient to malware isn’t just idle fanboy-ism. Windows PCs make up roughly 90% of the market, making them a much more attractive target to malware makers.

And Macs really do have some stellar built-in tools that protect you right off the bat. For example, when you download an app off the internet, your Mac checks it against a list of known malware apps using XProtect. It works invisibly in the background, meaning it needs no maintenance or activation and doesn’t slow down your Mac. Gatekeeper, meanwhile, will prevent the app from opening without your permission if it hasn’t been digitally signed as safe by Apple. And now, Apple has even started notarizing apps so that they can prove they are trustworthy.

On top of that, all apps are sandboxed, meaning they can only do what they’re meant to do, without being able to access critical system infrastructure and settings.

But there are gaps in the armor that protect Mac users’ systems. The MacOS layer of security relies on Apple adding quarantine tags to suspicious or outright malicious software, which in turn results in the warning dialogue you see when you try to open them.

Thomas Reed, Director of Mac & Mobile at security firm Malwarebytes, told me that the defenses aren’t as comprehensive as it seems. “Adding that flag is not a requirement, and not all software does [it],” he explained. “For example, torrent software often doesn’t, while at the same time being used heavily in piracy.”

“The nature of sandboxing on MacOS actually restricts antivirus software.”

In addition, XProtect’s list of malicious file signatures is hardly all-encompassing. Reed explained that it only checks files against 94 rules, “a tiny fraction of the rules found in any more powerful antivirus engine.” Kirk McElhearn, co-host of Mac security firm Intego’s podcast and a writer on malware topics, concurs that XProtect only looks out for “a handful of strains of malware.”

What about the new security features in MacOS Big Sur? Apple says apps will require your permission before accessing your documents, desktop files, iCloud Drive, and external drives, plus it’s promising greater security thanks to a dedicated system volume for the operating system and the T2 Security Chip in new Macs.

Apple's T2 Coproccesor

However, Reed still doesn’t believe these go far enough. He told me that Gatekeeper still won’t perform a signature check on non-quarantined apps on launch, meaning a malicious actor could tamper with a legitimate app and it would still be permitted to run on MacOS.

Reed also believes the nature of sandboxing on MacOS actually restricts antivirus software, at least if you download it from the App Store.

“By default, for example, [an antivirus app] cannot get access to most of the files on the hard drive. Even if you grant access to the entire hard drive, many of those files cannot be removed by an App Store app. This means App Store antivirus software is less likely to be able to detect all threats and is also less likely to be able to remove all threats.”

Where’s the weak link?

What about the common criticism that antivirus apps put an unnecessary strain on Macs, slowing them down and adding unwanted bloatware? McElhearn feels this concern is overblown.

“A decade or longer ago, the argument that antivirus software could slow down your Mac certainly may have had some merit, in some cases,” he explains. “But modern Macs generally have plenty of resources (processing power, memory, and disk speed) to allow antivirus software to protect you without any noticeable detriment to the Mac’s speed.”

Reed, however, is not so dismissive, calling antivirus apps’ performance hit a “bane” to Mac users.

“So many people still feel like Macs don’t need antivirus software that, if you convince them to install something, it’s an instant failure if performance takes a hit,” he laments. If you’re going to install an antivirus app, then, you need to find one that’s not only trustworthy but fast, too. If your Mac slows to a crawl while your antivirus app is conducting a scan, you’ll soon run out of patience — potentially putting yourself at risk.

Relying purely on Apple’s systems isn’t enough.

There are further indications that we are often the weak link. Reed argues that Apple’s in-built protection systems do a poor job of detecting adware and potentially unwanted programs (PUPs), things that he describes as “the most prevalent” threats to Mac users today.

If you fall victim to Mac malware, he argues, it’s less likely to be at the hands of a traditional virus and more likely to be due to you being tricked into installing malicious software masquerading as a trustworthy app — Mac Defender being a well-known example.

McElhearn, meanwhile, argues that relying purely on the systems that Apple has implemented isn’t enough. For example, while Gatekeeper can block apps that originate from third-party or untrusted developers, it can easily be bypassed by the user with a couple of clicks.

While Gatekeeper gives you plenty of warning that ignoring its checks is a bad idea, it still lets you do it with relative ease.

Both points cut to the heart of the biggest vulnerability in Mac security: Us. Humans are fallible creatures, open to manipulation or just plain laziness.

We may think that an app has been unnecessarily flagged by Gatekeeper (or get “dialogue fatigue” and allow it to run without thinking), thereby inadvertently opening the door to malware. Or we may see a well-made forgery of a trustworthy website, leading to us giving away our bank details to fraudsters and malcontents.

In cases like these, neither your Mac’s layers of built-in security nor third-party antivirus apps can offer you 100% protection.

A multipronged approach

It’s evident that you should install antivirus software on your Mac (we’ve already scouted out the best options for you). But as we said earlier, there are some important caveats and additional precautions you should take. 

A quick and efficient antivirus app is a vital tool for keeping your Mac safe.

Antivirus software protection is a must for your device, but there are still cyber hacks that can penetrate it. To safeguard against all cyberattacks, it’ll take a concerted effort on your part to monitor your actions and the potential invasions they may cause. For example, never install downloads if you’re not sure what they are. This includes unfamiliar sites that ask you to install “safe” apps like Adobe Flash Player.

It is always advisable to exercise caution when exploring unknown sites or downloading files of any kind. Antivirus software is a more reliable filter for threats and picks up the slack where your good judgment fails by catching cyberattacks that evade your vigilance.

To sum up: You should install antivirus software on your Mac, but make sure to find one that doesn’t slow down your computer too much, and always use plenty of common sense. We’re confident that following these simple guidelines will stave off any hazardous intrusions on your Mac. We recommend perusing our thorough list of the best free antivirus software.

Editors' Recommendations

Alex Blake
In ancient times, people like Alex would have been shunned for their nerdy ways and strange opinions on cheese. Today, he…
This critical macOS flaw may leave your Mac defenseless
A close-up of a MacBook illuminated under neon lights.

Apple’s macOS operating system has such a strong reputation for security that many people mistakenly believe Macs simply aren’t affected by malware. Well, Microsoft has served up a reminder that that’s not true, as the company has identified a serious vulnerability that affects one of macOS’s most important lines of defense.

According to Bleeping Computer, the bug was first reported by Jonathan Bar Or, Microsoft’s principal security researcher, who named the flaw Achilles. It is now tracked as CVE-2022-42821.

Read more
The best gifts for Mac users: 8 peripherals to complete your setup
Apple Pages on a MacBook showing document counts.

It’s the time of year to start looking for gifts for all the important people in your life. If you’ve got a loved one who’s a Mac obsessive -- or you just want to get a great Mac accessory for yourself -- our round-up of tip-top Mac gifts will have you sorted this holiday season.

We’ve put together a range of goodies that'll work for even the most demanding of Mac users. From mice and keyboards to Thunderbolt docks, microphones, and webcams, there’s something here for everyone.
Logitech MX Master 3S for Mac

Read more
Beware — even Mac open-source apps can contain malware
A pair of glasses rests on a desk in front of multiple computer monitors filled with code.

Installing apps on a Mac is generally considered to be safer than doing so on Windows and open-source software is usually benign but there are exceptions to both of these assumptions that can do untold damage to your privacy and security.

A recent discovery by Trend Micro provides a startling example of this risk. An open-source app designed to help Mac owners with iPhone and iPad app signing has been altered to include a nasty hack that steals your Apple Keychain data. The original app is called ResignTool and it’s available for free on the popular open-source site, GitHub. The app is six years old and both the code and the ready-to-run app can be downloaded from GitHub. That isn’t the problem.

Read more