Apple Has Made Major Updates to macOS Malware Protection in 2022

Apple has made notable updates to macOS malware tools over the course of the last six months, according to updates tracked by Howard Oakley at Eclectic Lighting Company (via Ars Technica).

macOS Malware Feature
"In the last six months, macOS malware protection has changed more than it did over the previous seven years," writes Oakley in a blog post published this week. Malware detection on the Mac is now "fully pre-emptive" and as active as "many commercial anti-malware products."

Specifically, at around the time that macOS 12.3 Monterey was launched, Apple quietly introduced a new XProtect Remediator tool for its XProtect service that checks for malware in the background. XProtect Remediator more frequently looks for malware and fixes it if malware is detected.

Apple previously used the Malware Removal Tool (MRT) and XProtect, but XProtect was limited to checking apps and code against a list of known malware and MRT ran infrequently. Apple's new solution is more aggressive and offers more protection. Xproduct Remediator is available on Macs running macOS Monterey, macOS Big Sur, and macOS Catalina, but it is not available on Macs running older versions of macOS.

The new XProtect feature is updated regularly and it runs at least once per day, but sometimes even more frequently. For some malware checks, it runs as often as every hour or two, and it is able to identify a range of malware, such as Adload, DubRobber, Pirrit, SnowDrift, Trovi, and more.

Scans are most likely to take place when the Mac is awake but not in active use, and is primarily doing background tasks like backups and receiving email. Oakley says that the new malware protections represent a "big step forward" for those who are running the most recent versions of macOS, with more information available in Oakley's full blog post.

Popular Stories

Generic iOS 19 Feature Mock Light

iOS 19 Leak Reveals All-New Design

Friday January 17, 2025 2:42 pm PST by
iOS 19 is still around six months away from being announced, but a new leak has allegedly revealed a completely redesigned Camera app. Based on footage it obtained, YouTube channel Front Page Tech shared a video showing what the new Camera app will apparently look like, with the key change being translucent menus for camera controls. Overall, the design of these menus looks similar to...
2024 App Store Awards

Apple Explains Why It Removed TikTok From the App Store in the U.S.

Sunday January 19, 2025 6:58 am PST by
Apple on late Saturday removed TikTok from the App Store in the U.S., and it has now explained why it was required to take this action. Last year, the U.S. passed a law that required Chinese company ByteDance to divest its ownership of TikTok due to potential national security risks, or else the platform would be banned. That law went into effect today, and companies like Apple and Google...
2024 iPhone Boxes Feature

Apple Changes Trade-In Values for iPhones, iPads, Macs, and More

Thursday January 16, 2025 6:45 am PST by
Apple today adjusted estimated trade-in values for select iPhone, iPad, Mac, and Apple Watch models in the U.S., according to its website. Some values increased, while others decreased. The changes were not too significant, with most values rising or dropping by $5 to $50. We have outlined some examples below: Device New Value Old Value iPhone 15 Pro Max Up to $630 U ...
Generic iOS 18

Everything New in iOS 18.3 Beta 3

Thursday January 16, 2025 12:39 pm PST by
Apple provided the third beta of iOS 18.3 to developers today, and while the betas have so far been light on new features, the third beta makes some major changes to Notification Summaries and also tweaks a few other features. Notification Summary Changes Apple made multiple changes to Notification Summaries in response to complaints about inaccurate summaries of news headlines. For...
iOS 19 Roundup Feature

iOS 19 Rumored to Be Compatible With These iPhones

Saturday January 18, 2025 10:28 am PST by
iOS 19 will not drop support for any iPhone models, according to French website iPhoneSoft.fr. The report cited a source who said iOS 19 will be compatible with any iPhone that can run iOS 18, which would mean the following models: iPhone 16 iPhone 16 Plus iPhone 16 Pro iPhone 16 Pro Max iPhone 15 iPhone 15 Plus iPhone 15 Pro iPhone 15 Pro Max iPhone 14 iPhon...
airtag 4 pack blue

AirTag 2 Launching This Year With These 3 New Features

Sunday January 19, 2025 8:11 am PST by
After a four-year wait, a new AirTag is finally expected to launch in 2025. Below, we recap rumored upgrades for the accessory. A few months ago, Bloomberg's Mark Gurman said Apple was aiming to release the AirTag 2 around the middle of 2025. While he did not offer a more specific timeframe, that means the AirTag 2 could be announced by the end of June. The original AirTag was announced...
iPhone SE Dynamic Island Majin Bu

iPhone SE 4 Leak Shows Dynamic Island, Casts Doubt on Rumored 'iPhone 16E' Name

Monday January 20, 2025 9:01 am PST by
A new iPhone SE is widely rumored to launch this year, and the device has potentially been confirmed today by known leaker Evan Blass. In a private social media post, Blass shared an image of what appears to be source code mentioning an iPhone SE (4th Gen), which casts doubt on the alternative "iPhone 16E" name rumored for the device. However, the name in the source code could be a...
iPad Pro vs iPhone 17 Air Feature

Here's How Thin the iPhone 17 Air Might Be

Friday January 17, 2025 3:38 pm PST by
For the last several months, we've been hearing rumors about a redesigned version of the iPhone 17 that Apple might call the iPhone 17 "Air," or something along those lines. It's going to replace the iPhone 17 Plus as Apple's fourth iPhone option, and it will be offered alongside the iPhone 17, iPhone 17 Pro, and iPhone 17 Pro Max. We know the iPhone 17 Air is going to be super slim, but...

Top Rated Comments

TheDailyApple Avatar
31 months ago

I guess Mac users can't feel superior anymore, computer comes with Anti Malware...
Built-in security has always been a plus for an operating system. The things users hated (and still do) is trashy third party anti-virus programs that slow your computer down, get in the way, and generally make a nuisance of themselves. Ever since Windows 10 was released, Defender has been sufficient for anyone with good internet practices. Both operating systems still need extra security for people with bad security practices or who need extra protection, but their built in systems are sufficient for most. The thing Mac users hated about previous versions of Windows (Vista and earlier) was that a trashy third party antivirus was practically a necessity.

Oh, and if you had read the article you’d know that Macs already had anti-malware built in. The point of the article is that it’s gotten better.
Score: 28 Votes (Like | Disagree)
polyphenol Avatar
31 months ago
Having dealt with lots of different third-party anti-virus/anti-malware products on Windows (and a couple on macOS), I hate them all with a vengeance.

When protection is, effectively, built into the OS, you know that every developer will have had to deal with it.

When protection is one of a dozen, or more, products, you cannot realistically expect developers to have dealt with more than a small proportion.

Please can I have back the hours I have spent trying to identify why some software is not working on some machines - but is fine on others. Eventually finding that removal of anti-malware fixes it. But on the adjacent machine all is well with it installed.

(And removal of anti-malware software can be harder than getting rid of some actual malware.)
Score: 11 Votes (Like | Disagree)
max2 Avatar
31 months ago
Thank you Apple!
Score: 11 Votes (Like | Disagree)
TheDailyApple Avatar
31 months ago
This is good to hear. As Macs get more popular, there is going to be more and more malware targeting them.
Score: 11 Votes (Like | Disagree)
VineRider Avatar
31 months ago
I wish Apple was more forthcoming about what their anti-malware engines were actually doing, and when....I wish they would log the scans, log the definition updates, give the user some idea of the protection being offered.
Score: 11 Votes (Like | Disagree)
djam Avatar
31 months ago

Many thanks Apple but why quietly?
Apple have traditionally used Mac's "virus free" nature as a selling tool. You don't want to change that perception if you don't have to.
Score: 6 Votes (Like | Disagree)