Mac Security Article #2 - Software
Article ID = 82Article Title = Mac Security Article #2 - Software
Article Author(s) = Graham Needham (BH)
Article Created On = 25th May 2012
Article Last Updated = 26th July 2016
Article URL = https://www.macstrategy.com/article.php?82
Article Brief Description:
Software security recommendations for your Mac computer
Security - Software
This article has the following sections:- Software Installation
- Apple Software
- Third Party Software
- Internet Software
- Media Players
- Anti-Virus Software
Software Installation
Software can be installed in three different ways on a Mac computer:- Running an installer
- Dragging and dropping the application
- Silently, in the background with no visual indication
- Take heed of all MacStrategy's security recommendations.
- Be aware of why your computer is asking for an administrator's user name and password - if you're not sure click "Cancel".
- Read stuff that appears on screen, don't ever blindly click "OK", "Install" or "I Accept", etc.
- Be aware of what you are installing - always try to get software installers from the official developer's company web/support site. Only use reputable web sites that link to official company web sites like us (MacStrategy). Do not use download aggregation sites like CNET, Downloads.com, MacUpdate, etc as they often bundle adware/malware as an unofficial installer!
- Get important software (security) updates by using the official developer's company web/support site.
- Don't install (pirated) software from the internet/torrent sites - apart from it being illegal it usually has malware included in the installer!
- Don't download software using peer-to-peer (P2P) networks e.g. torrents (e.g. BitTorrent, Vuze, Azereus, Transmission) or Limewire/Gnutella (e.g. Acquisition, Acqlite, Cabos).
- Think before you install and pay attention to what is happening on screen.
- If you run Mac OS X 10.6.6 or later consider buying software only from the Mac App Store.
- Turn on the file extension display - click on the desktop / go to Finder menu > Preferences > Advanced tab > tick "Show all filename extensions".
- Consider what you are double clicking - if you are double clicking what is supposed to be a "picture" and it is asking for your user name and password then clearly something is wrong - cancel and delete the file.
- When you download an application from the internet and try to open it for the first time macOS / OS X / Mac OS X will warn you that it was downloaded and you must confirm whether you want to open it.
- Run Anti-Virus Software.
Gatekeeper in OS X 10.8 Mountain Lion or later
OS X 10.8 and later includes a software checking technology called Gatekeeper. There's a good article about identified developers and signing apps on Panic's web site.System Integrity Protection (SIP) in OS X 10.11 El Capitan or later
OS X 10.11 and later includes a security technology called System Integrity Protection (SIP) that prevents installers installing items into important areas of the system.Use A Non-Administrator User Account For Day To Day Activities
By using a standard user account for most of your work if your Mac is attacked the attack or attacker will only have access to the standard user account areas (which is not much). All other areas will be off limits without requesting an administrator user name and password which, when the request pops up will be a clear warning something is wrong so you can cancel, log out and troubleshoot what happened. To create a standard user account:- Go to Apple Menu > System Preferences > Accounts or Users & Groups
- If the padlock icon in the bottom left is locked click on it to unlock it (enter your administrator user name and password)
- Click the "+" button in the bottom left corner
- Select "Administrator" from the 'New Account' pop-up menu
- Enter the details as required setting a strong password for "New password" (remember you can use the Password Assistant here by clicking on the key icon)
- Click the "Create User" button
- Select your current account on the left (which should currently be set as an Administrator) and untick the "Allow user to administer this computer" option on the right.
- Make sure your current account has a strong password
- Go to Apple menu > Log Out
- Log in as a standard user
Apple Software
As Apple creates the operating system for your Macintosh computer it is vitally important to keep you operating system up to date. Apple also includes software products and components that are common attack vectors e.g. Safari web browser, QuickTime and iTunes. We have written an article about keeping your Apple software up-to-date.Third Party Software
A lot of malicious attacks will attempt to compromise your computer by way of (common) third party software usually by utilising a specially created bad file or document. Therefore common document formats that are known to be used as attack vectors are:- Adobe PDF (.pdf)
- Word (.doc / .docx)
- Excel (.xls / .xlsx)
- PowerPoint (.ppt / .pptx)
- JPEG pictures (.jpg / .jpeg)
- MPEG audio/video files (.mp3 / .mpg / .mpeg / .mp4 / .m4a / .m4v)
Internet Software
Please see our separate Networking/Internet security articleMedia Players
A common attack vector is malicious media files for media players. Always use reputable media players (like those listed below) and keep them up-to-date:- QuickTime Player (in Macintosh HD > Applications) [part of the macOS / OS X / Mac OS X operating system] QuickTime updates are now offered as part of the standard Apple Software Update feature of macOS.
- VLC - the best universal media player
- Telestream Flip4Mac WMV Player
- RealPlayer
SECURITY WARNING: QuickTime is no longer supported with security updates on OS X 10.11 El Capitan or earlier.
Anti-Virus Software For Macintosh Computers
- Avast Security for Mac
- AVG AntiVirus for Mac
- Avira Free Antivirus
- Bitdefender Antivirus for Mac
- ClamXav
- Clario Clario
- Comodo Antivirus for Mac
- CrowdStrike Falcon Pro for Mac
- FireEye Endpoint Security for Mac
- Intego VirusBarrier X9
- Intego Mac Internet Security X9
- Intego Mac Premium Bundle X9
- Kaspersky Internet Security for Mac
- Sophos Home Free (for Mac)
- Symantec Norton 360 Standard (1 device)
- Symantec Norton 360 Deluxe (5 devices)
- Symantec Norton 360 Premium (10 devices)
- Trend Micro Antivirus for Mac
If this information helped you or saved you time and/or money why not donate a little to us via PayPal?
All proceeds go directly to MacStrategy / Burning Helix to help fund this web site.
All proceeds go directly to MacStrategy / Burning Helix to help fund this web site.
If this information helped you or saved you time and/or money why not donate a little to us via PayPal?
All proceeds go directly to MacStrategy / Burning Helix to help fund this web site.
Go to this
web page
to donate to us.
All proceeds go directly to MacStrategy / Burning Helix to help fund this web site.
Go to this
web page
to donate to us.