Apple has a solid track record of security, but the old adage that “Macs don’t get viruses” and “iPhones are secure by default” is outdated. On the Windows side, Microsoft Defender has been improving, but it won’t protect you against newer threats. That means it might be tempting to save money on third-party security protection and just rely on what’s built in, but it’s not a good idea. Depending on what operating system is involved, going beyond the basics is always a good idea, and sometimes a necessity.
Windows, macOS, Android, and iOS all include protection against malware, in one way or another. For some, protection takes the form of a full-on antivirus. For others, security is thoroughly baked into the OS, making it hard for malware to do anything. Either way, you can improve your protection by installing a third-party antivirus.
Windows Defender: Is Built-In Protection Enough?
Microsoft has offered built-in antivirus protection of one kind or another since the release of Microsoft Anti-Virus for DOS in 1993. The core of that product was purchased by Symantec and became the OG Norton Antivirus. And wow, was it ever simple-minded. At release, it could detect around 1,200 specific viruses, and users had to install any updates manually.
(Credit: Microsoft)
Fast-forward to today, and you get Microsoft Defender, a rather more impressive product. Oh, it went through some rough stages developmentally. When independent testing labs began including Microsoft Defender, it scored below zero in some tests. But that was many years ago, and this tool has been steadily improving its scores.
After going through various names, it’s now called Microsoft Defender Antivirus. In addition to providing antivirus protection, it also manages other security features such as Windows Firewall. In our testing, however, we discovered some significant limitations. For example, it scored poorly in our hands-on phishing protection test, which uses real-world fraudulent sites scraped from the web. In any case, its phishing protection and its defense against malware-hosting sites both only work in Microsoft browsers. Do you prefer Chrome? Firefox? Sorry, you get no protection.
Microsoft Defender includes ransomware protection via a component that prevents unauthorized changes to files in important folders. Early on, the desktop was included, which proved annoying because protection kicked in whenever an installer tried to place an icon there. In Windows 10 and Windows 11, this feature protects the Documents, Pictures, Videos, Music, and Favorites folders. It’s still turned off by default.
(Credit: Microsoft)
Here’s the thing. Microsoft Defender’s developers seem to consider it a Plan B, rather than a main solution. If you install a third-party antivirus, Microsoft Defender goes into a dormant state to avoid interference. If you remove third-party protection, Defender revives and resumes its defense. The best antivirus programs, even free antivirus tools, perform significantly better in testing and offer more features.
Android Security: Why Play Protect Falls Short
Google immediately removes any malware that it finds in the Google Play Store, but the key word here is removes. First, the malware shows up in the store; second, however long this takes, Google removes it. The Play Store doesn’t have the same stringent vetting process as Apple’s App Store. Malware does get into the store, and you may well download it before Google cleans up. In addition, despite new restrictions by Google, it’s still possible to set your Android to allow sideloading programs independently of the Play Store.
Google Play Protect, the built-in antivirus for Android, aims to protect your devices from malware. According to independent testing labs, it performs poorly.
The Best Antivirus We’ve Tested
Experts at AV-Comparatives tested Google Play Protect alongside nine third-party Android antivirus tools. They collected thousands of unique Android malware samples and tested each antivirus against that collection. They first let the antivirus scan and eliminate the samples it recognized, then launched any that remained to give behavior-based detection a chance. They also installed hundreds of popular (and legitimate) apps to ensure the antivirus doesn’t mistakenly label them as malicious.
In this latest test, Bitdefender alone reached 100% success. Avast, AVG, Avira, and Norton came very close, each at 99.9%. The rest of the third-party products scored at least 99.5%. That leaves Play Protect at the bottom, with 98.8%. This is a better score than the 87.9% Play Protect reached a few years ago, but not enough to earn the lab’s seal of approval, an honor attained by all the other tested products.
In their reports on Windows, macOS, and Android antivirus products, researchers at AV-Test Institute assign each product up to 6 points for Protection, Performance, and Usability. That last one means the product doesn’t freak out the user by falsely accusing valid apps. In the latest test, all products received the full six points for performance and usability. F-Secure, Google, and TotalAV scored a decent 5.5 points for protection, but all the others took six points, for a total of 18 points, the maximum. That’s a big improvement for Google, which has scored as low as three points for protection.
It does seem that Play Protect is improving, but you still need a third-party antivirus on your Android devices. We’ve rounded up some favorite Android antivirus tools, focusing on solutions that support multiple platforms.
Macs and Malware: Do You Really Need Antivirus?
Sideloading—installing apps from outside the operating system’s store—is common in Android. We’ve even seen security tools that must be installed this way (though we don’t approve of it). Apple is much more insistent that only App Store apps can be trusted. By default, if it’s not from the App Store, you just can’t install it. Yes, you can override that setting, but you really shouldn’t.
For an additional layer of protection, a component called Gatekeeper checks every app you install for malware. Starting in macOS Catalina, Gatekeeper checks apps on every launch, not just at install time, and examines non-malicious apps for security issues. Catalina also requires apps to request permission before they can access critical areas. And with Catalina, the operating system resides on a read-only drive partition, separate from all other programs.
Get Our Best Stories!
Stay Safe With the Latest Security News and Updates
By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy
Policy.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
To infect another program, a virus needs to modify that program, something that’s not allowed in macOS. To steal private data, a banking Trojan must read your browser’s memory, which is likewise not allowed. In macOS, apps are isolated and can access only their own resources. And even if an app managed to break through this barrier and access another program’s memory, features like ASLR (Address Space Layout Randomization) would keep it from finding any treasures stored in memory.
Many manufacturers make PCs, but only Apple makes Macs. The company has full control over the hardware, including the M-series chips that power modern Macs. The current M4 chip creates what’s called a Secure Exclave, an area of memory that’s completely unavailable to any process not part of macOS. The related Secure Enclave manages Touch ID, encrypted storage, and more.
Despite all these safeguards, macOS malware most definitely exists, with several significant attacks in the last few years. The malware dubbed Cthulhu Stealer, available for purchase on the dark web, masquerades as a legitimate program and steals credentials and even cryptocurrency wallets. Another infostealer, Cuckoo, showed ingenuity by tricking Mac users into overriding the built-in Gatekeeper protection. Mac users who were fooled by scareware warnings wound up giving away sensitive information to fake tech support agents. Even the FBI has gotten involved, investigating malware-infested Steam games for both Windows and macOS.
While Macs aren’t as vulnerable as Windows boxes or Android devices, the old saw that Macs don’t get malware is demonstrably untrue. And unlike Windows, macOS doesn’t include an antivirus utility as such. If you don’t have antivirus protection on your Macs, get it now.
Recommended by Our Editors
iPhone Security: Why Antivirus Isn’t Needed
“Only a fool learns from his own mistakes. The wise man learns from the mistakes of others,” said Prussian statesman Otto von Bismarck. Apple has had teams developing operating systems since the 80s, plenty of time to make a lot of mistakes. When the iOS team arrived, mistakes from previous groups provided ample insight into what makes for a secure operating system. Release after release, iOS gets still more secure.
So secure that it’s not really possible to create an antivirus to run on iOS. A Malwarebytes report from several years ago reports a strong rise in macOS malware, but notes, “On the iOS side, malware exists, but there’s no way to scan for it.” It goes on to point out that this iOS malware is mostly the work of nation-state actors, not the kind of thing your average user needs to worry about.
Even when malware coders (or researchers) do manage to create iOS malware, it tends to have serious limitations. For example, the DarkSword attack, which spreads malware to iPhones via a phishing campaign, is only effective on iPhones running the outdated iOS versions 18.4 to 18.7. The Cornua hacking kit packs 23 distinct attacks to compromise iPhones, but only if they’re running iOS 13.0 through 17.2.1. A campaign called GoldPickaxe steals facial recognition data from iPhones, but its success depends on tricking users into installing the malware and granting it powerful device-level permissions.
Don’t look for a roundup of iOS antivirus products—we don’t have one. If all you ever use are iOS (and iPadOS) devices, you don’t need an antivirus. You’ll still want to use an iPhone VPN in some situations, however.
Mobile VPNs: Why Built-In Options Don’t Cut It
We’ve had readers ask why they can’t just use the free VPN built into their iPhones. Indeed, there’s a VPN configuration page in Settings, but you can’t use it without going through the complex process of manually setting up a VPN profile. The most important element of that profile is the VPN server you want to connect with. And to gain access to that server, you’ll need to pay for a subscription. Which comes with an app. So just use Proton VPN, or whatever app suits you best! The same is true on Android devices.
(Credit: Apple)
If you dig into Settings on an iPhone, you’ll find a spot to control your VPN, but it’s not what you think. Digging into VPN & Device Management settings just takes you to a dead end: “Add VPN Configuration.” On Android (at least on the Android device I use for testing), the VPN settings slot simply reports “None.” Depending on your device, you may find a Google VPN app available to install, but you’re probably better off installing a top-rated free VPN from a third party.
The Best VPNs We’ve Testd
Securing All Your Devices: Our Final Recommendations
If you’re using a Windows computer or an Android device, you should most definitely install a third-party antivirus utility. Microsoft Defender is getting better, but it’s not up to the best competitors, even the best free ones. And Google Play Protect isn’t effective enough.
Tight security aside, Mac users need protection too. As for iOS, Apple got it right, right from the start. This platform has so much security built in that it’s nearly impossible for an attack to succeed (nearly, but not completely). That protection also means it’s nearly impossible to write an iOS antivirus. Use the time and money you saved by not installing iOS protection to triple-check all your other devices.
For advice on getting started securing your devices, read up on how to check your security software, settings, and status.
About Our Expert
Neil J. Rubenking
Principal Writer, Security
Experience
When the IBM PC was new, I served as the president of the San Francisco PC User Group for three years. That’s how I met PCMag’s editorial team, who brought me on board in 1986. In the years since that fateful meeting, I’ve become PCMag’s expert on security, privacy, and identity protection, putting antivirus tools, security suites, and all kinds of security software through their paces.
Before my current security gig, I supplied PCMag readers with tips and solutions on using popular applications, operating systems, and programming languages in my “User to User” and “Ask Neil” columns, which began in 1990 and ran for almost 20 years. Along the way, I wrote more than 40 utility articles, as well as Delphi Programming for Dummies and six other books covering DOS, Windows, and programming. I also reviewed thousands of products of all kinds, ranging from early Sierra Online adventure games to AOL’s precursor Q-Link.
In the early 2000s, I turned my focus to security and the growing antivirus industry. After years of working with antivirus, I’m known throughout the security industry as an expert on evaluating antivirus tools. I serve as an advisory board member for the Anti-Malware Testing Standards Organization (AMTSO), an international nonprofit group dedicated to coordinating and improving testing of anti-malware solutions.
Latest By Neil J. Rubenking
Read Full Bio
/https://i.s3.glbimg.com/v1/AUTH_08fbf48bc0524877943fe86e43087e7a/internal_photos/bs/2025/V/G/1YM3vSRCGUaZVqD5JAjg/redmi14c-cameras.jpg?w=1024&resize=1024,1024&ssl=1 "Corra! 5 celulares com descontos de até 52% no Mercado Livre")
