If you are short on disposable income, you don’t want to waste any of your money on unnecessary things. If you’re sitting on top of a pile of simoleons, well, you didn’t get to that enviable position by spending needlessly. Can you justify buying antivirus protection for your devices, or should you rely only on what’s built in? In most cases, you should cough up the money. Depending on your device’s operating system, adding antivirus protection beyond what’s built in can range from a good idea to an absolute necessity.
Windows, macOS, Android, and iOS all include malware protection in one way or another. For some, protection takes the form of a full-fledged antivirus. For others, security is integrated into the operating system thoroughly enough that it is difficult for malware to do anything. Either way, you can improve your protection by installing a third-party antivirus.
Plan B: The Microsoft Defender Story
Microsoft has offered built-in protection against viruses of one kind or another since the release of Microsoft Anti-Virus for DOS in 1993. The core of this product was purchased by Symantec and became the original Norton Antivirus. Wow, was it ever simple-minded. Upon release, it could detect around 1200 specific viruses, and users had to install any updates manually.
Fast forward to today, and you get Microsoft Defender, which is a somewhat more impressive product. Oh, it has gone through some rough stages in its evolution. When independent testing labs started including Microsoft Defender, it managed to score below zero on some tests. But that was years ago, and this tool has been steadily improving its results.
After going through several names, it is now called Microsoft Defender Antivirus. In addition to providing antivirus protection, it also manages other security features such as the Windows Firewall. However, in our tests we discovered some important limitations. For example, it scored poorly in our practical test against phishing, which uses fraudulent real-world sites that have been removed from the web. In any case, phishing protection and defense against malware-hosting sites work only in Microsoft browsers. Do you prefer Chrome? Firefox? Sorry, you don’t have any protection.
Microsoft Defender includes a form of ransomware protection, a component that prevents unauthorized changes to files in important folders. Early on, the Desktop folder was included, which proved annoying, as the protection kicked in every time an installer wanted to place an icon on the desktop. Currently, in Windows 10 and Windows 11, this feature protects your Documents, Pictures, Videos, Music, and Favorites folders. It is still turned off by default.
Here’s the thing. The developers of Microsoft Defender themselves seem to see it as a Plan B, not a primary solution. If you install a third-party antivirus, Microsoft Defender goes dormant, so as not to interfere. If you remove third-party protection, Defender revives and takes on the task of defense again. The best antivirus software, even the free antivirus tools, performs better in testing and offers more features.
Google Play Protect doesn’t do that
Google immediately removes any malware it finds in the Google Play Store, but the key word here is “removes.” First, malware appears in the Store, and second, however long it takes, Google removes it. The Play Store does not have the same strict vetting process that comes with the Apple App Store. Malware enters the store, and you can download it well before Google cleans up. Additionally, it’s easy to set your Android device to allow sideloading of apps from outside the Play Store.
Google Play Protect, the antivirus software built into Android, aims to protect your devices from malware. As far as independent testing labs have found, it does a terrible job.
The experts at AV-Comparatives tested Google Play Protect along with nine third-party Android antivirus tools. They collected thousands of unique Android malware samples and tested each antivirus against that batch. They first let the antivirus scan the samples and eliminate those it recognized, then launched whatever remained, to give behavior-based detection a chance. They also installed 500 popular (and legitimate) apps to verify that the antivirus tools weren’t mislabeling them as malicious.
Avira, Bitdefender, G Data, Kaspersky, and Trend Micro Maximum Security each caught 100 percent of the samples. Several others scored better than 98%. Play Protect came last with a protection rate of 81.7%. Google’s entry also showed the most false positives, a total of 12, with most of the rest showing no more than one. All tested antivirus products received the laboratory’s seal of approval. All, that is, except for Play Protect.
In their reports on Windows, macOS, and Android antivirus products, researchers at the AV-Test Institute assign a product up to six points each for protection, performance, and usability. The latter means that the product does not scare the user by falsely flagging valid applications as malicious. More than 60% of the tested products scored a full 18 points, and nearly 80% scored a full six points in the basic protection category. As for Google, it earned only two out of six possible points for protection. This is actually an improvement – in most previous tests, Google scored a big, fat zero for protection.
The verdict is clear: Play Protect will not protect you. You need a third-party antivirus on your Android devices. We’ve rounded up some of our favorite antivirus tools for Android, and we’re specifically looking at solutions that support multiple platforms.
Security in macOS
Sideloading – installing applications from outside the operating system store – is common in Android. We’ve also seen security tools that should be installed this way (although we don’t agree with it). Apple is even more insistent that only App Store apps can be trusted. By default, if it is not from the App Store, you cannot install it. Yes, you can override this setting, but you shouldn’t.
For another level of protection, a component called Gatekeeper scans every app you install for malware. Beginning with macOS Catalina, Gatekeeper checks apps at every boot, not just at installation time, and scans harmless apps for security issues. Catalina also makes apps get permission before they can access important areas. And with Catalina, the operating system is located on a read-only drive partition, separate from all other programs.
In order to infect another program, a virus needs to modify that program, which is not allowed in macOS. To steal private data, a banking Trojan must read your browser’s private memory, which is also not allowed. In a macOS environment, apps are isolated and limited to accessing their own resources. And even if an app manages to break through that barrier and access another program’s memory, features like ASLR (Address Space Layout Randomization) will prevent it from finding any treasures stored in memory.
Many manufacturers make computers, but only Apple makes Macs. The company has complete control over the hardware, including the T2 chip found in newer Macs. This chip creates the so-called Secure Enclave, an area of memory that is completely unavailable to any process that is not part of macOS. It also manages Touch ID, encrypted storage, and more.
Despite all these precautions, macOS malware certainly exists. Right now, a complex example called Gimmick (or Storm Cloud) is wreaking havoc in Asia. A few years ago, the CrescentCore attack made its way past Gatekeeper by obtaining a certificate that Apple had assigned to another developer. And just last year, the Silver Sparrow malware downloader made its way to 30,000 Macs before it was detected.
Although Macs aren’t as vulnerable as Windows or Android devices, the old saying that Macs don’t get malware is clearly not true. And unlike Windows, macOS doesn’t include an antivirus as such. If you don’t have antivirus protection on your Mac, get it now.
What is tighter than macOS? iOS!
“Only a fool learns from his mistakes. A wise man learns from the mistakes of others,” said the Prussian statesman Otto von Bismarck. Apple has been developing operating systems since the 1980s, and there was plenty of time to make a lot of mistakes. When the iOS team came along, the mistakes made by the previous teams provided a lot of input on what makes an OS secure. Release after release, iOS gets still more secure.
So secure, in fact, that it’s not really possible to create an antivirus to run on iOS. Two years ago Malwarebytes reported a spike in macOS malware, but noted that “on the iOS side, there’s malware, but there’s no way to search for it.” The report goes on to point out that this iOS malware is mostly made up of nation-state efforts, not the kind of thing an average user needs to worry about.
Even when malware programmers (or researchers) are able to create iOS malware, it tends to have serious limitations. For example, the checkm8 technique enables partial jailbreaking of many older iPhones, from iPhone 4s to iPhone X. However, checkm8 requires that you have physical access to the phone, which must be connected to a desktop computer. A new technique called NoReboot allows malware to persist across an iPhone restart, but it works by tricking the user into believing the phone has restarted when it hasn’t.
Don’t look for a roundup of iOS antivirus products – we don’t have one. If all you use is iOS (and iPadOS) devices, you don’t really need an antivirus. However, you will still want to use an iPhone VPN in some situations. Speaking of VPNs…
What about my phone’s built-in VPN?
We asked our readers why they can’t use the free VPN built into their iPhone. Actually, there is a VPN configuration page in Settings, but you can’t use it without going through the complicated process of setting up a VPN profile manually. The most important element of this profile is the VPN server you want to connect to. And to get access to this server, you will need to pay for a subscription that comes with an app. So just use ProtonVPN, or whatever app suits you best! The same applies to Android devices.
If you look in the settings, you will find a place to control your VPN, but it is a dead end. On your iPhone, you are free to tap the switch that appears to turn the VPN connection on, but it just turns off again. On Android (at least on the Android device I’m using for testing), the VPN settings page simply says “None”. Sorry, your phone does not have a built-in VPN client.
Protect your devices
If you are using a Windows PC or an Android device, you should definitely install a third-party antivirus tool. Microsoft Defender is getting better, but it’s not up to the level of the best competitors, even the best free ones. And Google Play Protect doesn’t work.
Despite the heightened security of macOS, Mac users need protection too. A recent study showed that Macs are infected at a higher rate than PCs. This may be due to the Mac’s longstanding reputation for malware resistance. As for iOS, Apple got it right from the start. This platform has so much security built in that it is almost impossible for an attack to succeed (almost, but not completely). This protection also means that it is almost impossible to write an iOS antivirus. Use the time and money you saved by not installing iOS protection to triple-check all your other devices.
For tips on getting started with locking down your devices, please read How to Check Security Software, Settings, and Status.