Apple dramatically overhauls the Mac’s built-in anti-malware defenses

Howard Oakley of the Eclectic Light Company tracks updates to Apple’s anti-malware tools for Mac and finds that they have undergone dramatic, but mostly silent, changes in the past few months.

Apple drastically overhauls the Mac's built-in anti-malware defenses

Andrew Cunningham for Ars Technica:

Apple began including rudimentary anti-malware protections with versions of macOS with Snow Leopard in 2009. Called “XProtect,” this system service downloaded and installed new malware definitions in the background among major macOS security updates, primarily for protect yourself from installing, malware in nature.

Since then, Apple has added several anti-malware features to macOS, although they aren’t always marked this way. Gatekeeper, app authentication, System Integrity Protection, Signed System Volume, and access controls for hardware and software are all, in one way or another, about proactively protecting system files from tampering and making sure installed apps do what they say about them ‘redo. Another hidden tool, the Malware Removal Tool (MRT), acts more like a traditional anti-malware scanner, periodically receiving definition updates from Apple so it can search for and remove malware already on your system.

Since about the release of update 12.3 for macOS Monterey, [Oakley]is monitoring a new “” feature that has been added to Monterey, Big Sur (11) and Catalina (10.15). As mentioned in Apple’s latest Platform Security documentation, this is a household name for a new app that replaces the old MRT. appears to scan for known malware much more aggressively than MRT.

“In the past six months, macOS malware protection has changed more than it has in the past seven years,” writes Oakley. “It has now become fully preventative, as active as many commercial anti-malware products, as long as your Mac is running Catalina or later.”

MacDailyNews takes: Basically, macOS now scans for malware whenever it gets a chance, which makes your Mac even more secure!

Oakley also reports that XProtect and MRT are also being updated in older macOS versions such as El Capitan (10.11), originally released in 2015. Read more here.

Help us support MacDailyNews. Click or tap here to support ours independent technology blog. Thank you!

Buy the Apple Store on Amazon.

Leave a Reply

Your email address will not be published. Required fields are marked *