Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Will an anti-virus software do the job instead of Mac security software updates?

jonathan89

jonathan89

macrumors newbie
Original poster
Jul 15, 2024
2
0
Hi, my parents have an iMac that is 9 years old now and hasn't received an operating system update in 3 years as is normal with older Macs and now the 3-year security software updates for the iMac are ending soon. Their iMac still works fine for what they want to do and they really don't want to buy a new iMac.

They are old and don't want to mess around with anything too technical.

They have asked if using a good paid-for anti-virus software would do the job of protecting their iMac.
 
You want Open Legacy Core Patcher. Once it is setup, it gets updates normally. You can combine that up to date OS with security updates with something like this:

System security like operational security isn't just a buy one product and done. It takes layers.

For layered security, telling somebody don't click the sketchy ads for downloads won't stop them from making a mistake. Adguard, uBlock Origin, Brave, and other technical solutions will. It reduces attack surface and risk of user error. It is one of the best and least invasive changes you can make. You can also look at products from vendors like ESET and Malwarebytes. These are extremely popular products with loads of customers across the internet. Products like that provide a last line of security against zero day exploits or similar long tail problems.

You want your system to be as layered with defenses as you can while still being usable for your daily work. Adblockers, security/malware scanners, and similar transparent measures all help. It all depends on your needs like having an elderly parent who might fall victim to scams.
 
  • Like
Reactions: Isamilis
DON'T USE OCLP, unless you want to be doing tech support for them all the time.

Set them up with MalwareBytes.
You download and install it.
It runs without charge for about 15 days or so (don't remember).

At the end of that period, it will ask if you wish to upgrade to the PAID version.
NO. YOU DON'T NEED TO DO THAT.
As an alternative, it will "convert" into "the free version".

THE DIFFERENCE:
The paid version runs in the background, full-time.
The free version only runs when you manually "launch it".
That's good enough for me.
 
  • Like
Reactions: benwiggy
The important thing here is: "What are you worried about?" and be specific.

Open Legacy Core Patcher disables SIP on the Mac for example. That's an important security measure for fully updated fully patched Macs with all security updates. Best left on. With that said, what does it do for Macs with no updates and known massive holes in the OS?

Let's use the libwebp library exploit for an example.

Scenario 1: You're on your legacy out of support MacOS system with SIP enabled. You visit a webpage in Safari. You're hacked. The hackers have total control over the system. You didn't click, open, download, etc anything.

Status: pwned

Scenario 2: You're on an OLCP MacOS system with SIP disabled. You visit a webpage in updated Safari. Nothing happens because it's fixed. You have total control over the system. You clicked everything and browsed everywhere.

Status: Secure

You can look at layered security to try to help mitigate, but nothing replaces OS level security updates for known holes.
 
  • Like
Reactions: Brian33
Thanks for all the replies, everyone. I will pass this information on to my parents and let them know. They are not technical at all so will see what they say. Maybe run Chrome instead of Safari and use Malwarebytes or similar in the background? They don't mind paying for antivirus etc. They are old and only use iMac for browsing the internet mostly to sites they know and email. Maybe access email direct through Chrome? I don't think they will be able to handle anything technical! I don't live near them so I can't help in person with this. Thanks again.
 
Make it a Windows machine so it remains current in regards to security.
Ironic, but it is what it is.
 
  • Like
Reactions: Brian33
jonathan89 said:
Maybe run Chrome instead of Safari and use Malwarebytes or similar in the background?
Click to expand...
Chrome or Firefox ESR https://www.mozilla.org/firefox/all/#product-desktop-esr

Updated and free email client - Thunderbird https://www.thunderbird.net

Don’t pay for Malwarebytes, it’s real time protection is lousy https://forums.macrumors.com/threads/how-safe-is-malwarebytes-for-mac.2378702/post-32752608

A good paid option - Bitdefender Antivirus for Mac https://www.bitdefender.com/solutions/antivirus-for-mac.html
 
I wouldn't use Chrome.
Google "has their eyes on you".

Try Firefox "extended support" version as bogdan mentions above.
Or perhaps "WaterFox".
The Orion browser might work, as well (running under Mojave here).

Again, the FREE version of MalwareBytes is all they need.
 
  • Like
Reactions: benwiggy
Renegade asks:
"Is anti virus really needed on a Mac?"

To my knowledge, there has NEVER been a Mac "virus" found "in the wild" since OS X was first introduced back around 2002 (or was it 2003?). Not one.

Of course, there IS malware, adware, etc.
And there was at least one known instance of Mac "ramsomware" (sprung through a doctored version of "Transmission", if I recall).

But "viruses", per se -- no.

I'd install Apple's xprotect updates (have I got that right?) using the free "Lockrattler", if you wish.
And also (as suggested above) use the FREE version of Malwarebytes from time to time...

EXCEPTION to what I've posted above:
If one exchanges numerous documents with Windows, it might be useful to have some kind of 3rd party protection working behind the scenes. Not that the Mac could be vulnerable, but Windows docs running on the Mac (or running in Windows emulation on the Mac) could have problems. I really don't know much of anything about Windows, and can't comment further than that.
 
Fishrrman said:
To my knowledge, there has NEVER been a Mac "virus"
Click to expand...

TBH, there aren't many Windows viruses around these days, either.

When most people say "virus", they mean malware in general; and by "anti-virus", they mean anti-malware. There are plenty of threats out there. Their category is largely irrelevant.
 
  • Like
Reactions: Brian33 and iMac2019
Viruses were made for fun. Infostealers are made for profit and are the real threat these days.
"Infostealer malware targeting macOS enters the top 10 threats"
https://betanews.com/2024/09/19/infostealer-malware-targeting-macos-enters-the-top-10-threats/
"Global infostealer malware operation targets crypto users, gamers"
https://www.bleepingcomputer.com/ne...alware-operation-targets-crypto-users-gamers/

frou said:
OCLP itself should get a security audit. I think people are too cavalier with it and there's going to be a debacle sooner or later.
Click to expand...
I'm not.
https://forums.macrumors.com/threads/security-for-oclp-opencore-legacy-patcher.2406586/post-32609327
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back