Security & Privacy

Do You Need an Antivirus for Your Mac? Definitely, Yes.

Posted on December 4th, 2008 by

Apple has gotten a lot of press recently regarding their position concerning the need for antivirus software to protect Macs. A Knowledge Base article spotted on the company’s web site said, “Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult.” The article went on to recommend three antivirus programs, including Intego VirusBarrier X5.

However, following an unexpected amount of attention in the press, Apple has removed the article. An Apple spokesman said, “We have removed the Knowledge Base article because it was old and inaccurate.” Yet the article was recently updated, on November 21, 2008, so it was certainly not old. The Apple spokesman went on to say that, “The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box.” But the Apple spokesman also said, “Since no system can be 100% immune from every threat, running anti-virus software may offer additional protection.”

Apple has gone from recommending that Mac users protect themselves with antivirus software to saying that Macs have “built-in technologies” that protect against “malicious software and security threats.” And rather than make that technical note “new” and “accurate”, they have simply deleted it. What can Mac users understand from these flip-flops?

What probably began as a simple technical note based on the real-world experience of one of Apple’s knowledgeable technicians (whose competency is recognized) turned into a major issue that affected Apple’s marketing strategy. Apparently, it was Apple’s top management that decided to remove the Knowledge Base article. It’s usually safer to trust those with hands-on experience rather than the creative minds who make up ad campaigns. While Apple may be worried about its reputation, you should consider what you have at stake if your Mac gets infected by malware. You could lose important files: your business files, digital music and movies, and the thousands of pictures of your family could be wiped out by a single infection.

Apple may, in fact, be acting irresponsibly by suggesting that an antivirus is not essential. In a way, it’s as if they were saying you shouldn’t lock the doors to your home. Sure, burglars aren’t watching all the time to see if you’ve locked your door, but if someone turns the doorknob and finds it open, they’re more likely to go inside.

So what’s the truth about malware and Macs? Do you really need to run an antivirus on your Mac? We think so. Laurent Marteau, Intego’s CEO, explains why.

1. How secure is Mac OS X?

Like every operating system, Apple software contains bugs and security flaws that need to be corrected. So far this year, Apple has needed to issue a total of 34 security updates, covering a number of products: Mac OS X, the iPhone, QuickTime (an essential part of Mac OS X), Safari, the Apple TV, iPhoto and more. New security flaws are discovered regularly.

If you count all of the updates that average Mac users need to keep their Macs safe – which includes updates to Mac OS X, QuickTime, Safari, iTunes and other iLife programs, and Java – there have been a total of 20 updates this year alone to stanch security flaws in Apple’s “built-in technologies.” This represents a couple of gigabytes of files to download, just to stay up-to-date for security issues.

2. Doesn’t Apple issue security updates quickly?

Apple tends to act like an ostrich regarding security issues, and can take a long time to update its software for known security flaws. In some cases the company takes months to get around to releasing a security update, and in others security researchers go public with flaws they’ve discovered after finding that Apple hasn’t reacted in months.

This means that between the time that a security flaw is discovered – and while security researchers find many of these flaws, they are also found at the same time by malware writers – Macs are vulnerable.

3. Is malware targeting Macs becoming more common?

While Mac malware is scarcer than Windows malware, Intego has issued eight security alerts or memos so far in 2008. These cover Trojan horses (and a number of variants of one Trojan horse that has infected many Macs), rogue “security software,” a serious bug in QuickTime, a very serious Apple Remote Desktop flaw, and a hacker toolkit that can be used to create malware. We have seen more new Mac malware this year than at any time since the advent of Mac OS X.

In addition, as Mac market share increases, those writing malware for profit are more likely to want to target this growing demographic. We have seen several recent types of malware that get downloaded to Macs from web pages. In the past, these pages would only serve up Windows malware, but now they detect the user’s platform to provide the appropriate version of the malware.

Mac users are generally less security-savvy than Windows users, who are familiar with the many security threats to their platform, and who are generally protected. Average Mac users who unintentionally download a Trojan horse are just as likely as Windows users to enter a user name and password to allow malware to install itself on their Macs.

4. Aside from Trojan horses, what other kinds of malware do we need to worry about?

One serious type of malware is macro viruses that affect Microsoft Word and Excel. These viruses spread among your Word and Excel applications and documents, and, unlike other types of malware, affect Macs and Windows alike. If a friend, colleague or business contact sends you a Word file that is infected with a macro virus, it can damage any or all of your Word documents, and be very difficult to remove.

While this doesn’t affect Office 2008 (which has no Visual Basic for Applications, the engine that lets macros run), any Mac user running earlier versions of Microsoft Office (2004 or v. X) is at risk. In addition, the more people you exchange Word and Excel documents with, the greater the risk. While these programs have a security setting that tells the programs to display a warning when you open documents containing macros, this warning only lets you turn off all the macros in the document. Many users need macros, especially in Excel spreadsheets, and find it normal to receive documents containing them, so they are unlikely to want to deactivate them.

5. Do businesses need Mac antivirus software?

Yes, especially because people in businesses are more likely to exchange files. In an enterprise environment, a global security policy generally requires that all computers be protected from malware. Macs can pass on files that contain malware to Windows users, and one line of defense is to use a Mac antivirus (such as Intego VirusBarrier X5) that detects and stops Windows viruses as well as Mac malware.

6. If I install an antivirus program on my Mac, it will only detect viruses that already exist, right?

Quite the contrary. Efficient Mac antivirus programs (such as Intego VirusBarrier X5) use “behavioral analysis” and other techniques to detect potentially dangerous activity, so they can spot new malware based on actions it attempts to perform. In addition, Intego’s Virus Monitoring Center is constantly on the lookout for new threats, and generally updates VirusBarrier’s virus definitions within 24 hours of the discovery of a threat, which is usually before it has had much of a chance to spread. You have to make sure you keep your antivirus software up-to-date, of course, and install new virus definitions as soon as they are available.

7. Doesn’t antivirus software slow down my Mac?

Intego VirusBarrier X5 certainly doesn’t. Not only does it use very little memory, but also very little CPU time, when it runs in the background. At the same time, its real-time scanner checks every file that is saved, written or opened on your Mac, ensuring that you don’t get infected.

8. Aren’t you saying all this just to sell your software?

No. We certainly have to tell the truth to our customers, who count on us to keep their Macs protected; this is one of our roles as a Mac security company. Nevertheless, Mac OS X is still much more secure than Windows, and Mac users face far fewer security threats than Windows users. It is important for Mac users to become aware of the issues they face, and a combination of education and security software will ensure that their Macs remain protected.

Comments are closed.