Apple has made significant upgrades to the macOS malware tools, according to changes monitored by Howard Oakley at Eclectic Lighting Company during the past six months.
According to Oakley’s blog post from this week, “macOS malware prevention has changed more in the last six months than it has over the previous seven years.” As active as “many commercial anti-virus programs,” malware detection on the Mac is now “completely preventive.”
In particular, Apple discreetly unveiled a new XProtect Remediator tool for its XProtect service, which checks for malware in the background, around the time when macOS 12.3 Monterey was released. The XProtect Remediator scans for malware more frequently and removes it when it is found.
Also Read: Apple currently offers entire Magic Keyboard
Apple previously employed XProtect and the Malware Removal Tool (MRT), but XProtect could only examine apps and code against a list of known malware, and MRT only ran occasionally. Apple’s new approach is more assertive and provides better security. On Macs running macOS Monterey, macOS Big Sur, and macOS Catalina, Xproduct Remediator is accessible. However, it is not accessible on Macs running earlier versions of macOS.
The new XProtect feature is regularly updated and executed at least once daily, though occasionally even more frequently. It can run as frequently as every hour or two for various malware checks and can recognize a variety of infections, including Adload, DubRobber, Pirrit, SnowDrift, Trovi, and more.
The Mac is most likely to perform scans when it is awake but not actively being used and is mostly performing background duties like backups and email receipts. For users using the most recent versions of macOS, Oakley claims that the new malware defenses represent a “huge stride forward.” More details can be found in Oakley’s whole blog article.