Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Does your Mac really need antivirus software? We asked the experts

There’s an age-old belief in the tech world that Macs don’t get malware. Well, we know that isn’t true — security firm Malwarebytes uncovered several new threats specifically targeted at Macs in 2020 alone, and notable instances of Mac malware have been uncovered in the past. But is it true that Macs are less vulnerable than Windows PCs?

Macs have a lot of built-in features that can be powerful tools in the fight against malware. But are they enough? These features come with every Mac by default, so is there really a need to install third-party antivirus software on your computer? We asked the experts.

Vulnerabilities in Apple’s systems

Macbook Air (2018) Review
Riley Young/Digital Trends

The belief that Macs are fairly resilient to malware isn’t just idle fanboy-ism. Windows PCs make up roughly 90% of the market, making them a much more attractive target to malware makers.

And Macs really do have some stellar built-in tools that protect you right off the bat. For example, when you download an app off the internet, your Mac checks it against a list of known malware apps using XProtect. It works invisibly in the background, meaning it needs no maintenance or activation and doesn’t slow down your Mac. Gatekeeper, meanwhile, will prevent the app from opening without your permission if it hasn’t been digitally signed as safe by Apple. And now, Apple has even started notarizing apps so that they can prove they are trustworthy.

On top of that, all apps are sandboxed, meaning they can only do what they’re meant to do, without being able to access critical system infrastructure and settings.

Image used with permission by copyright holder

But there are gaps in the armor that protect Mac users’ systems. The MacOS layer of security relies on Apple adding quarantine tags to suspicious or outright malicious software, which in turn results in the warning dialogue you see when you try to open them.

Thomas Reed, Director of Mac & Mobile at security firm Malwarebytes, told me that the defenses aren’t as comprehensive as it seems. “Adding that flag is not a requirement, and not all software does [it],” he explained. “For example, torrent software often doesn’t, while at the same time being used heavily in piracy.”

“The nature of sandboxing on MacOS actually restricts antivirus software.”

In addition, XProtect’s list of malicious file signatures is hardly all-encompassing. Reed explained that it only checks files against 94 rules, “a tiny fraction of the rules found in any more powerful antivirus engine.” Kirk McElhearn, co-host of Mac security firm Intego’s podcast and a writer on malware topics, concurs that XProtect only looks out for “a handful of strains of malware.”

What about the new security features in MacOS Big Sur? Apple says apps will require your permission before accessing your documents, desktop files, iCloud Drive, and external drives, plus it’s promising greater security thanks to a dedicated system volume for the operating system and the T2 Security Chip in new Macs.

Apple's T2 Coproccesor
Image used with permission by copyright holder

However, Reed still doesn’t believe these go far enough. He told me that Gatekeeper still won’t perform a signature check on non-quarantined apps on launch, meaning a malicious actor could tamper with a legitimate app and it would still be permitted to run on MacOS.

Reed also believes the nature of sandboxing on MacOS actually restricts antivirus software, at least if you download it from the App Store.

“By default, for example, [an antivirus app] cannot get access to most of the files on the hard drive. Even if you grant access to the entire hard drive, many of those files cannot be removed by an App Store app. This means App Store antivirus software is less likely to be able to detect all threats and is also less likely to be able to remove all threats.”

Where’s the weak link?

Image used with permission by copyright holder

What about the common criticism that antivirus apps put an unnecessary strain on Macs, slowing them down and adding unwanted bloatware? McElhearn feels this concern is overblown.

“A decade or longer ago, the argument that antivirus software could slow down your Mac certainly may have had some merit, in some cases,” he explains. “But modern Macs generally have plenty of resources (processing power, memory, and disk speed) to allow antivirus software to protect you without any noticeable detriment to the Mac’s speed.”

Reed, however, is not so dismissive, calling antivirus apps’ performance hit a “bane” to Mac users.

“So many people still feel like Macs don’t need antivirus software that, if you convince them to install something, it’s an instant failure if performance takes a hit,” he laments. If you’re going to install an antivirus app, then, you need to find one that’s not only trustworthy but fast, too. If your Mac slows to a crawl while your antivirus app is conducting a scan, you’ll soon run out of patience — potentially putting yourself at risk.

Relying purely on Apple’s systems isn’t enough.

There are further indications that we are often the weak link. Reed argues that Apple’s in-built protection systems do a poor job of detecting adware and potentially unwanted programs (PUPs), things that he describes as “the most prevalent” threats to Mac users today.

If you fall victim to Mac malware, he argues, it’s less likely to be at the hands of a traditional virus and more likely to be due to you being tricked into installing malicious software masquerading as a trustworthy app — Mac Defender being a well-known example.

Image used with permission by copyright holder

McElhearn, meanwhile, argues that relying purely on the systems that Apple has implemented isn’t enough. For example, while Gatekeeper can block apps that originate from third-party or untrusted developers, it can easily be bypassed by the user with a couple of clicks.

While Gatekeeper gives you plenty of warning that ignoring its checks is a bad idea, it still lets you do it with relative ease.

Image used with permission by copyright holder

Both points cut to the heart of the biggest vulnerability in Mac security: Us. Humans are fallible creatures, open to manipulation or just plain laziness.

We may think that an app has been unnecessarily flagged by Gatekeeper (or get “dialogue fatigue” and allow it to run without thinking), thereby inadvertently opening the door to malware. Or we may see a well-made forgery of a trustworthy website, leading to us giving away our bank details to fraudsters and malcontents.

In cases like these, neither your Mac’s layers of built-in security nor third-party antivirus apps can offer you 100% protection.

A multipronged approach

It’s evident that you should install antivirus software on your Mac (we’ve already scouted out the best options for you). But as we said earlier, there are some important caveats and additional precautions you should take. 

A quick and efficient antivirus app is a vital tool for keeping your Mac safe.

Antivirus software protection is a must for your device, but there are still cyber hacks that can penetrate it. To safeguard against all cyberattacks, it’ll take a concerted effort on your part to monitor your actions and the potential invasions they may cause. For example, never install downloads if you’re not sure what they are. This includes unfamiliar sites that ask you to install “safe” apps like Adobe Flash Player.

It is always advisable to exercise caution when exploring unknown sites or downloading files of any kind. Antivirus software is a more reliable filter for threats and picks up the slack where your good judgment fails by catching cyberattacks that evade your vigilance.

To sum up: You should install antivirus software on your Mac, but make sure to find one that doesn’t slow down your computer too much, and always use plenty of common sense. We’re confident that following these simple guidelines will stave off any hazardous intrusions on your Mac. We recommend perusing our thorough list of the best free antivirus software.

Editors' Recommendations

Alex Blake
In ancient times, people like Alex would have been shunned for their nerdy ways and strange opinions on cheese. Today, he…
Update your Apple devices now to fix these dangerous exploits
A person using a laptop with a set of code seen on the display.

If you’re an Apple user -- whether you have a Mac, an iPhone, an iPad, or an Apple Watch -- you need to update your devices as soon as possible. That’s because Apple has discovered three actively exploited vulnerabilities that could cause your devices serious harm, and the patches are already out to fix them.

One of the bugs was found in Apple’s Security framework and would allow a malicious app to completely bypass a device’s signature validation. Another bug concerns the WebKit browser engine and could grant a threat actor the ability to run arbitrary code when a victim views a certain web page.

Read more
This dangerous new Mac malware steals your credit card info
A hacker typing on an Apple MacBook laptop while holding a phone. Both devices show code on their screens.

People like to think that Apple’s Macs are more or less invulnerable to the assorted viruses and trojans that afflict Windows PCs, but that’s far from the truth. That’s just been aptly demonstrated by the emergence of a new malware strain that attempts to steal all of your passwords, credit card data, and more.

The discovery was made by security firm SentinelOne, which named the malware MetaStealer. According to SentinelOne, MetaStealer has the potential to trick you into giving away vital information that could cause a huge amount of damage, and it has a nefarious way of getting what it wants.

Read more
MacBooks could finally get Face ID to boost your security
Apple's 15-inch MacBook Air placed on a desk.

Apple is working on bringing its Face ID authentication system to MacBooks, in what could be a major move to boost your Mac’s security. That’s according to a newly granted patent (number 11727718) that describes the benefits of Face ID and how it could be added to Apple’s laptops.

In the patent, Apple explains that computers are capable of a great deal of different tasks, and many of them can involve storing or handing over your sensitive information -- information that should not fall into the wrong hands. To stop that from happening, some form of authentication system (like Face ID) could be implemented into laptops to toughen up their security.

Read more