Article 633R1 Apple overhauls built-in Mac anti-malware you probably don’t know about

by Andrew Cunningham, from Ars Technica - All content on (#633R1)
Macs don't have visible anti-malware software built in, at least not in the same way that Windows does with Microsoft's highly visible Defender software. But Apple began including rudimentary anti-malware protections in macOS with Snow Leopard in 2009. Called "XProtect," this system service downloaded and installed new malware definitions in the background in between major macOS security updates, mostly to protect against the installation of known, in-the-wild malware.

Since then, Apple has added multiple anti-malware features to macOS, though they're not always branded that way. Gatekeeper, app notarization, System Integrity Protection, the Signed System Volume, and access controls for hardware and software are all, one way or another, about proactively protecting system files from being tampered with and making sure that installed apps do what they say they're doing. Another under-the-hood tool, the Malware Removal Tool (MRT), acts more like a traditional anti-malware scanner, periodically receiving definition updates from Apple so that it can scan for and remove malware already present on your system.

Howard Oakley at the Eclectic Light Company makes a habit of tracking updates to XProtect and the MRT, and he maintains several utilities that check the versions of your definitions (as well as your installed firmware and other Mac esoterica that Apple regularly updates but rarely mentions). And he says that Apple's anti-malware tools have undergone a dramatic but mostly silent change over the last few months.
