
[Solved] Mac vs. Windows Malware  

Page 1 / 2


I would normally write this kind of question directly to Dave, but in the spirit of embracing the forums I’ll do it here.

In a recent MGG, @Dave Hamilton was talking about things he learned at MacTech. He said, “Macs are now more vulnerable to malware than Windows. Let that sink in.”  I expected his next sentence to be some sort of supporting information for this statement, but it didn’t come. 

I know that Microsoft has made vast strides in protecting Windows from malware. At the same time, Apple has continued to progress in protecting our Macs with XProtect and the T2 chip and the Secure Enclave. I’ve not heard or read anything to suggest that Apple has slipped behind.

So @Dave Hamilton - can you give us some supporting documentation for your statement?

Still having trouble figuring out how to tag people. Tagging @DaveHamilton correctly now. Couldn’t edit my post from the iPad for some reason...

16 Answers

All the sources were in the first two sessions ("Keynote: Protecting the Garden of Eden by Patrick Wardle" and "SecondNote: Avoiding the Landmines in Our New Landscape by Greg Neagle") at MacTech 2018.

The net is that Windows 10 is technologically more resistant to malware attacks than macOS Mojave. It doesn't mean that there is more malware (yet) for Macs; just that macOS Mojave is more vulnerable today than Windows 10 is.


Hi Allison

If there is supporting evidence to the claim then it is certainly the most stunning development on the Mac side, well since its inception in '84.

The key word is vulnerability and that appears to suggest macOS is technically inferior or perhaps it means that users are vulnerable to socially engineered malware. I am sure our brothers and sisters on the Windows side are scarred enough to be extraordinarily cautious or moved to the Mac side as a countermeasure.

The other side to the word vulnerable is the nature of the compromise that can penetrate Mac OS systems through poor user habits or innate system security weaknesses or a mix of both.

Either way, I believe that in general terms, users are at least aware of a risk associated with simply being online. Windows platforms have certainly taught us a thing or two of this ominous reality. By extension, I am reminded of the tenacious and ever-increasing attacks on what are typically considered trustworthy and security-hardened cloud services. Year after year, attacks on Yahoo, Adobe, banking, and so on; in fact even the US government allowed millions of very personal and financial records to be stolen. The underlying reality is that this is not going to go away anytime soon.

Sadly my comments add nothing new other than just some reminders as most of this is generally understood, even if it is just in the back of people's minds as the new normal. However, it is very true that Dave made a very specific statement and as a non-denier of security risks that are out there, I believe he might not be wrong but it leaves me wondering … what are the inherent technical traits of Mac OS that make it more vulnerable to malware, or if it is even the OS and not the user that is creating the vulnerability.

I would like to know if there is a distinction to start with and then learn more.

I am glad you brought this up Allison, I too am interested in this particular issue.

Kind regards
PS excuse my typos but I am a little short on time at the moment, no excuses I know.  👍


Thanks @Alex-Santos for the thoughts.  It's Thanksgiving weekend so I didn't expect @davehamilton or anyone else to chime in but I wanted to record the question while it was fresh in my mind.

You may be interested in reading the Sophos 2019 Threat Report: It's a report looking forward at what we know and can expect in the coming year to be the bigger targets. It's REALLY long, so Bart Busschots suggests the two summary articles about portions of the report if you haven't the time for the full threat assessment.


I recall listening to a recent podcast where Dave mentioned malware and Macs. I don't recall whose software Dave said he ran once a week, but it got me to thinking about malware (a family member had their router hacked a while back), and so I ran ClamXav. Lo and behold, both found Adware.OSX.Spigot. While no reason to panic, it did warrant an angry face, a fist shake, as well as a few choice words.

BUT, since it was installed once, it could happen again. 

A quick search of Best Malware for Mac turned up a variety of Best in Class choices. 

Tom's Guide likes Kaspersky with the free version of Avast second.
Macworld (UK) likes Intego, followed by BitDefender. Kaspersky was 7th choice.
Tech Radar likes BitDefender followed by Intego. Kaspersky was third. ClamX was 6th.
Mashable likes Norton, then McAfee. BitDefender is third.

While it seems that Avast is mentioned more than not in the top two for free versions and BitDefender and Kaspersky are in the top 5 most often for paid versions, I'm not really seeing a clear winner. 

System performance vs better protection? Time for paid over free? Real-time or scheduled? Who updates malware databases and their fixes faster? I mean, we could make arguments for each, right? Or, do we as geeky humans overthink everything and therefore, any choice we make will do the trick?

Basically, is it time to have the malware talk again?

This post was modified 2 years ago by MMuto

To date there are no self-propagating viruses on macOS.

The adware and malware depend on tricking the user into doing the install.

The tricks range from an ad that looks like a download button on a page the user expects to get a program from.

Or a download aggregation site puts their own installer around freeware/shareware that does a side-load of adware they are being paid to include with the install. 

Or a developer is paid to side-load adware along with their app. 

MalwareBytes for macOS has been the best at removing the known malware/adware.  After running a scan, uninstall MalwareBytes until the next time an install outside the App Store app is done.

Also EtreCheck. 

All other anti-virus packages have had negative impacts on macOS. Kernel panics, consuming resources, slowing down the Mac, quarantining essential macOS components, etc...


Yeah, I run Malwarebytes weekly on all my Macs. For me, that’s enough. But if you’re in a scenario where you’re more susceptible to this stuff you might want the real-time scanning engine.


You bring up a great point. I'm not sure how to link you to the MacTech sessions that addressed this, but... let me see what I can do to address it ourselves. Stay tuned!


So Dave - have you found any sources for your statement yet (my original question)? “Macs are now more vulnerable to malware than Windows. Let that sink in.”



So no sources available to support that statement that we can see? I’d really like to read what the claims are. The first talk in the abstract does say, “And while the sophistication of Mac malware is not (yet) on par with those found on the Windows platform, this could easily change.” That’s not the same as saying macOS is more vulnerable than Windows. It also goes on to say that Mojave promises to be the most secure macOS ever (duh). I’m not saying there aren’t vulnerabilities and I’m not saying there are significant security flaws, it’s just that I’ve not read/heard anyone else saying that macOS is MORE vulnerable to malware than Windows. Again, would love to read/listen to sources to back this up.


That's exactly the message: Mojave is (at least potentially) the most secure macOS yet, and Windows 10 is more secure than it.


That's exactly the message: Mojave is (at least potentially) the most secure macOS yet, and Windows 10 is more secure than it.

But that is an incomplete picture.

How many threats are there to take advantage of flaws in the respective operating systems?

I'm sure there are 10s of thousands for Windows and dozens (maybe 100s for macOS).

But even then, how frequently do these threats knock on an individual user's door (active bot networks)? Does the user have to open the door (as in being involved in the install), or can the threat slip through the locked door's keyhole? Does the attacker need to have physical access to the computer, or be on the local LAN, or have access without a NAT router in place, or can they do it with an email, web page, intentionally corrupted image, etc.?

Personally, I would contend there is more damage done to macOS users from phishing attacks (just click here, or call this 1-800 number, etc...), and cold calls from XYZ official sounding FAKE company (computer manufacturer, OS maker, ISP, etc...) saying they have detected a virus on your computer, and they will help you eliminate it if you just install TeamViewer (or similar) remote access utility. I'm not sure how you stop those kinds of attacks.

In the forums, the most common malware/virus related issues are the above phishing/cold call scams, and side-loaded adware. After that, anti-virus packages and Mac cleaners have contributed to lots of performance issues and kernel panics (especially when someone decides to install 2 or 3 such beasts all doing the same thing).

The only reason I mention MalwareBytes is because the author is a longtime volunteer in the Apple Discussions forums and established lots of "Cred", then developed AdwareMedic before joining MalwareBytes. And so far he has kept it a low-overhead, focused-on-macOS implementation.

Which is another annoyance with many of the anti-virus packages.  They spend a lot of time looking for Windows threats which cannot hurt macOS.  MalwareBytes for macOS doesn't.


But that is an incomplete picture.

How many threats are there to take advantage of flaws in the respective operating systems?

Totally agreed. Yeah, it's actually not at all surprising to me that Windows would wind up becoming more "hardened" than macOS. Given the history of it all, Windows needs to be more hardened because there are more attacks happening.

None of this is to imply that as Mac owners we're more likely to get a virus or malware. It's just that Windows has evolved to a point where it's currently better equipped to resist these types of attacks. 

And, as with everything, I'm sure that will change, too. 🙂

As I get older, I find I dislike change.  But my opinion will not stop change from happening 😀 


It’s obvious by now that I won’t get the backup for these statements that I desire. I’m sure these were reputable people (even though I don’t know anything about them) and obviously you, Dave, have a lot of credibility built up. But if I step back, all I know is that someone I know went to a conference where a couple of guys said, “Macs are more vulnerable to malware than Windows.”  

On the other hand I have tons of hard evidence of specific utilities and processes that go on under the hood to harden macOS. I also know that Microsoft has made great strides in this area in the recent past as well. But I’ve not seen it reported anywhere that Windows is less vulnerable to malware than macOS.

I can’t “let that sink in” as you suggested without any backup other than two guys at a conference said so.

If you want the details of those sessions, I’m sure they are (or will be) available to hear at some point. 

Or you could reach out to the presenters.


@podfeet, it's like someone was listening. The entire playlist of MacTech 2018 videos just went live today: 

That's awesome! Now to find an hour of time to watch to find the information. Worst case scenario is I learn a lot of other stuff too!
