8 Simple Tips to Secure a Mac from Malware, Viruses, & Trojans
The recent outbreak of the Flashback trojan (Apple released an update and fix, get it!) has brought a lot of attention to potential viruses and trojans hitting the Mac platform. Most of what you’ll read is overblown fear mongering hype, and practically all Mac malware has come through third party utilities and applications. What that means for the average user is that it’s very easy to completely prevent infections and attacks from occurring in the first place, especially when combined with some general security tips.
Without further ado, here are eight simple ways to secure a Mac to help prevent viruses, trojans, and malware from effecting you:
1) Disable or Remove Java
Flashback and other malware has installed through Java security breaches. Apple has already released several updates to patch the Java security holes that allowed Flashback to spread (you should install those), but you can also go a step further and completely disable Java on the Mac. Frankly, the average person doesn’t need Java installed on their Mac let alone active in their web browser, disable it and you don’t have to worry about security holes in older versions of the software impacting your Mac.
You can read how to uninstall Java from Mac here if you don’t use java at all on the computer. Otherwise you can disable it manually too.
1a) Disable Java in Safari
- Open Safari and pull down the Safari menu, selecting “Preferences”
- Click on the “Security” tab and uncheck the box next to “Enable Java”
Disabling Java in the Safari browser is reasonably effective, but why not go a step further and disable it in Mac OS X completely? Chances are high that you won’t miss it, let alone notice it’s disabled.
1b) Disable Java System-Wide in Mac OS X
- Open the Applications folder and then open the Utilities folder
- Launch the “Java Preferences” application
- Uncheck the box next to “Enable applet plug-in and Web Start applications”
- Uncheck all the boxes next to “Java SE #” in the list below
2) Update Apps and Mac OS X Software Regularly
Apple regularly issues Security Updates and many third party apps do as well, therefore regularly updating both your MacOS / Mac OS X System Software and Mac OS X apps are one of the single best preventative measures you can take to keep a Mac secure. We’ve hammered home about this repeatedly as a general Mac OS X maintenance tip because it’s important and so easy to do:
- Open Software Update from the Apple menu and install updates when available
- Open the App Store and download available updates to apps and anything else as well
3) Disable or Remove Adobe Acrobat Reader
Adobe Acrobat Reader has had multiple security breaches recently, therefore you’ll be safer without it in your web browser. There’s little reason to have Reader installed on a Mac anyway, Mac OS X includes Preview for viewing PDF’s. Uninstall Adobe Acrobat Reader by running the bundled uninstaller app, or locate the following file and remove it to uninstall the Acrobat browser plugin:
4) Install Anti-Malware / Anti-Virus Software for Mac OS X
Using anti-virus software on the Mac is likely overkill, but it’s worth mentioning again. Additionally, there are anti-malware tools available now too.
Arguably the best solution is available for free from Malwarebytes (and yes, there is a paid tier but if you just want a scanner and removal tool, the free version is sufficient for those needs). It is a widely trusted tool that keeps an updated list of malware, and the free version will remove any detected malware from the Mac.
As for anti-virus, it’s generally not necessary. Nonetheless, we’ve talked about the free Sophos anti-virus here before, and though you probably won’t ever need it, it’s a free and effective way to fight viruses that may end up on the Mac. If you’re the cautious type and you’d like an antivirus on the Mac, Sophos is something to look into:
5) Disable or Remove Adobe Flash / Use a Flash Block Plugin
Flash has been used as an attack vector in the past, and Macs stopped shipping with Flash installed for a reason; basically it’s a crash-prone battery hog that has occasional security breaches. Many sites use Flash for video and games though, so instead of uninstalling Flash completely we’ll recommend using a Flash block plugin for your web browser. This causes all Flash to be disabled by default until you click to allow individual plugins and instances of the Flash plugin to run, preventing unauthorized Flash from running in a web browser completely. These plugins are free and available for every major browser:
6) Disable Automatic File Opening After Download
Safari defaults to automatically opening “safe” files after they’re downloaded. For added security, disable this feature and manage the opening of downloads yourself:
- Open Safari preferences and click the General tab
- Uncheck the box next to “Open ‘safe’ files after downloading”
7) Double-Check Anti-Malware Definitions are Enabled
Mac OS X automatically downloads and maintains a malware definition list which is actively used to combat potential threats and attacks. This is enabled by default, but you can double-check to make sure you’re getting the updates as they arrive by insuring the feature is turned on:
- Open System Preferences and click on “Security & Privacy”
- Under the General tab look for “Automatically update safe downloads list” and make sure it is checked
You can also check the update list manually if you’re concerned the latest version hasn’t been installed, but as long as you have the feature enabled and have regular internet access, it probably is.
8 ) Don’t Install Random Software You Didn’t Ask For
If you see a random pop-up window asking you to install random software you didn’t request, don’t install it! This may sound like common sense, but it’s actually how some Mac malware propagated in the past. Apple patched the hole that allowed for that to happen a while ago, but the overall message is still relevant: if you didn’t download or request an app to be installed and you’re suddenly confronted with an installation dialog, don’t install it.
That about covers it, but if you have any additional security tips and anti-virus/malware/trojan tips, let us know in the comments.