Apple XProtect is now proactive with periodic malware scans
Rather than scanning for malware when a Mac is started or an app is launched, Apple has quietly added a feature whereby it scans whenever a Mac is idling.
Malware illustration
Macs have famously been less prone to viruses than PCs, but all computers -- and all computer users -- are vulnerable to malware. Without explicitly announcing it, Apple has taken a further step to block and remove malware from the Mac.
According to Howard Oakley on his The Eclectic Light Company blog, Apple introduced what's called XProtect Remediator in March 2021, as part of its then latest macOS Monterey update.
It's an update to the long-standing XProtect system tool, which Oakley says "was mainly used to check apps... against a list of signatures of known malware."
Now XProtect Remediator "consists of executable code modules which both scan for and remediate detected malware."
Oakley says it is seemingly a replacement for Apple's previous Malware Removal Tool (MRT). And while searching Apple's support site for "malware" does surface references to the MRT, those references have been removed from the actual support documentation.
This XProtect Remediator is also not referenced in the support documentation, and XProtect is described as being for the removal of malware once detected. However, Apple does now say that XProtect also helps with the identification of malware.
"These scans should now be taking place on all Macs running macOS Catalina and later, with the current XProtect Remediator installed," says Oakley. "They're most likely to take place when your Mac is awake but doing little other than background tasks, such as routine backups, and receiving incoming email as it arrives."
Oakley describes this repeated system scanning as a "big step forward."
Read on AppleInsider
Malware illustration
Macs have famously been less prone to viruses than PCs, but all computers -- and all computer users -- are vulnerable to malware. Without explicitly announcing it, Apple has taken a further step to block and remove malware from the Mac.
According to Howard Oakley on his The Eclectic Light Company blog, Apple introduced what's called XProtect Remediator in March 2021, as part of its then latest macOS Monterey update.
It's an update to the long-standing XProtect system tool, which Oakley says "was mainly used to check apps... against a list of signatures of known malware."
Now XProtect Remediator "consists of executable code modules which both scan for and remediate detected malware."
Oakley says it is seemingly a replacement for Apple's previous Malware Removal Tool (MRT). And while searching Apple's support site for "malware" does surface references to the MRT, those references have been removed from the actual support documentation.
This XProtect Remediator is also not referenced in the support documentation, and XProtect is described as being for the removal of malware once detected. However, Apple does now say that XProtect also helps with the identification of malware.
"These scans should now be taking place on all Macs running macOS Catalina and later, with the current XProtect Remediator installed," says Oakley. "They're most likely to take place when your Mac is awake but doing little other than background tasks, such as routine backups, and receiving incoming email as it arrives."
Oakley describes this repeated system scanning as a "big step forward."
Read on AppleInsider
Comments
it is a glaring gaping hole in the Apple service portfolio and security services is currently MS fastest growing segment and one of the reasons Azure was not ignored in favour of AWS.
A personal Microsoft 365 subscription includes Defender for MacOS.
Apple releasing obsolete scanning features is not impressive for a company that has trust and privacy as part of the value prop.
honestly - add another 5 dollars per month to AppleOne and include XDR like agents across the device family with iCloud as the management console. Ties well into the SMB push they are doing and MDM offering.
Users of Apple devices not being targeted or at lower risk is not true.
Frankly, I don't buy Apple devices to be nickel-and-dimed on features like security that should be part of the core product. It's part of the value proposition that Apple provides, so while it's great for Microsoft that they're getting paid more and more to fix problems with their own products and services I am of the opinion that faulty goods should be returned for a refund or be repaired at the vendor's expense.
Heck, if you wanted to be overly cynical you could say Microsoft either purposely "crippled" their OS security just so they could sale this service or the programmers they have are so poorly skilled they can't figure out how to have such a security feature built into the OS.
It seems they're not necessarily "scheduled" as such, but wait for idle time.