The Flashback malware would install itself on a Mac just by visiting a compromised/infected web site. No admin password was required.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Do we need an antivirus on OS X?
- Thread starter digitalove
- Start date
- Sort by reaction score
- Status
The Flashback malware would install itself on a Mac just by visiting a compromised/infected web site. No admin password was required.
That's a Java vulnerability, not an OSX one. And you would have had to have Java installed separately, which most users don't have.
Antivirus are not needed on OSX. Period.
Installed one out of curiosity and found that several old Word docs were infected with spyware. Now I keep the anti virus installed and do a check up every week. Your OS X might be safe but that doesn't mean your docs are. You should prevent a virus from being spread to others.
https://nakedsecurity.sophos.com/2014/03/14/pwn2own-day-two-chrome-and-safari-join-the-losers/
"There are still OS X threat deniers out there who tell us that they consider malware in its traditional sense to be impossible on OS X, "because you have to click on and run a program by yourself and then type your admin password into the warning popup." But as Google's hacking crew just showed, a determined attacker can sidestep both of those giveaways when launching malware."
You do know you're pointing me to a fear mongering article on a site ran by...Sophos, an antivirus peddler.
What's next, climate change denial articles from Exxon?
Antivirus software is NOT needed on OS X.
----------
So, even though you're not vulnerable, you are deciding to burden your Mac's performance and battery life so that others who decided to cheap-out on their platform of choice can keep being negligent about their computer's security?
Sorry, but I just can't find the logic in that.
Who cares whose fault it was. The point is Flashback could infect your Mac just by visiting a web site. So it shows that OS X certainly has been vulnerable in the past and no password was needed to get the malware.
I see this argument on here often and I disagree. If one is operating in a mixed (Mac/PC) business environment where you are sending documents etc. to Windows users and you send a virus to a client, I don't think telling them it is their problem is really going to cut it.
IMO this is not a binary need/don't need question. I think some questions need to be asked about usage and environment then make an educated decision. The answer should not always automatically be no.
Cannot believe nobody has mentation yet that OS X comes with basic malware protection built in called X Protect. Its silent & invisible to the user.
Just last night I had to help a friend with her MacBook Pro. Her husband had been tricked into installing Genieo/InstallMac when he saw a notice in Safari about an Adobe Flash Player update. We had the usual discussion about what a virus is and is not, and I had to assure her that no mac virus exist in the wild. My impression is that most people see an odd computer issue, and immediately assume it's a virus.
In my friend's case, it was her husband who wanted to blame the "virus" instead of focusing on his own actions in which he gave permission to download and install adware. (This is the same guy who readily gave out his credit card number to a complete stranger on the phone a few months ago...)
In my friend's case, it was her husband who wanted to blame the "virus" instead of focusing on his own actions in which he gave permission to download and install adware. (This is the same guy who readily gave out his credit card number to a complete stranger on the phone a few months ago...)
The end of the day it doesn't matter how careful you are, it only takes one infected file or email from someone else to get you into trouble. That coupled with the fact that the mac os is getting more and more widely used it will only be a matter of time before someone decides to wipe the smug look off our faces and decide to write a virus counting on the fact that a lot of people are using macs are unprotected because they think they are untouchable.
Personally would never use a computer on the internet without av, and that includes the vm's I use too. I've seen the damage a virus or trojan can do and I will do what I can to protect myself and my data.
I have 4 licenses for Eset, it costs me the equivalent of £12 per machine per year. Two for my rMBP, and two for my rImac (os x and win8 vm on each).
Personally would never use a computer on the internet without av, and that includes the vm's I use too. I've seen the damage a virus or trojan can do and I will do what I can to protect myself and my data.
I have 4 licenses for Eset, it costs me the equivalent of £12 per machine per year. Two for my rMBP, and two for my rImac (os x and win8 vm on each).
Unfortunately, it's not enough. There are numerous Macs worldwide that have become infected recently.
----------
Unfortunately many people don't realize that some of the Adobe updates that come via update notice are not really from Adobe, and they download infected "updates." The belief that Macs are as safe as they had been at one time is what leads people to trust App updates. The only safe way to update Flash and Reader is to go to the Adobe website itself. I keep it bookmarked so as not to go to a spurious site by accident.
Last edited:
Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 12 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). 3rd party antivirus apps are not necessary to keep a Mac malware-free, as long as a user practices safe computing, as described in the following link.
Read the What security steps should I take? section of the Mac Virus/Malware FAQ for tips on practicing safe computing. There is no real-world disadvantage in running an admin account as your normal account. That is a myth carried over from Windows, where it is a disadvantage.
As stated above, OS X has never been immune to malware. While there are Trojans that a user can avoid by prudent action, there has never been an OS X virus in the wild.
There <should> be a difference, it should force certain activities to mean instead of a click-to-install the user has to change to an admin account - which should also help avoid accidentally installing malware.
Even if you're logged in as an administrator, the admin password is required when installing apps that can access system folders. As long as you think before entering your admin password, you're fine, whether running an admin or standard account.
Oh I know that, its an additional safety step for those that don't think, or have their Gatekeeper set to "anywhere".
Kaspersky Internet Security for Mac
I say "yes", because the term 'antivirus' can be interpreted in a variety of ways (not all of which are correct, but I'll not make a discussion point of that).
I use Kaspersky Internet Security for Mac (download), which offers reasonable protection against more than viruses alone.
I can't recommend the Sophos software for OS X Sophos Anti-Virus associated with unresponsive systems, and so on.
I say "yes", because the term 'antivirus' can be interpreted in a variety of ways (not all of which are correct, but I'll not make a discussion point of that).
I use Kaspersky Internet Security for Mac (download), which offers reasonable protection against more than viruses alone.
I can't recommend the Sophos software for OS X Sophos Anti-Virus associated with unresponsive systems, and so on.
A virus for Mac is IMPOSSIBLE unless the account you're on is admin and the user gives an application access to root with the password.
First, there are no true viruses in the wild that run on OS X; there are only Trojans. For Trojans, it is possible to install one without requiring the admin password. Whether you're on an admin or standard account is irrelevant.
Finally, nothing is impossible.
I agree completely. And, Flashback is not the only one. Unfortunately, many people are infected with various Trojans and several Viri and don't even know it until their Mac goes wacko or they suffer identity theft.
It's not just a matter of sending a virus to a client, it's a matter of spreading it to a friend or acquaintance. Tell a friend it's his or her problem means you will certainly lose that friend.
----------
But, it's just not enough.
----------
I've heard very good things about Kaspersky. I use Virus Barrier and really like it. It is thorough, updated very often (sometimes several times a week), and it does not noticeably slow down my Mac. One of the major complaints I hear about Anti-Viri is that they slow down the Mac, and many of them really do. Virus Barrier does not.
Last edited:
Better safe than sorry, so I run Sophos and have done so without any problems. Why take the risk, think of all the hours of reinstalling your Mac or PC. I would rather have some protection, even if in the main it is not needed.
Better to be Safe than Sorry.
Better to be Safe than Sorry.
Never say never! There are Trojans and if there are no OS X viri in the wild, it is only a matter of time. Don't underestimate those who would attack you.
It's not just a matter of telling a Windows user that it's their problem.
Running anti-virus on your Mac to protect Windows users from malware is like covering your mouth when you cough in front of the kids, then sending them out without flu shots to a school where a flu epidemic is spreading like wildfire. Great! They might not catch anything from you, but you've left them vulnerable to the greater risk. It's wiser to make sure they have flu shots, so they're protected from infection, whether it be from you or from other people.
If you really want to help your Windows friends, encourage them to get their own anti-virus protection installed, or offer to install it for them.
The other problem with such apps is that many users are lulled into a false sense of security, thinking that if they have antivirus installed, they're fully protected. Such is not the case, since detection rates are less than complete.
There's no software substitute for a well-informed, prudent user.
I didn't say "never", but people have been claiming "it's only a matter of time" for 12+ years and it hasn't happened yet. Part of being informed is to stay abreast of news that could affect you. If an OS X virus is ever introduced in the wild, no antivirus app would protect you because it wouldn't detect it at first, not knowing what to look for. There would be plenty of news about such an event, however, enabling users to be on guard to take appropriate action.
Last edited:
- Status