-->
- See All Results For This Question
- Scan My Computer For Viruses Windows 10
- How To Get Virus Off Mac
- Virus Protection For Mac | How To Check Mac For Viruses
Important
The improved Microsoft 365 security center is now available in public preview. This new experience brings Defender for Endpoint, Defender for Office 365, Microsoft 365 Defender, and more into the Microsoft 365 security center. Learn what's new. This topic might apply to both Microsoft Defender for Endpoint and Microsoft 365 Defender. Refer to the Applies To section and look for specific call outs in this article where there might be differences.
Applies to:
Apple helps you keep your Mac secure with software updates. The best way to keep your Mac secure is to run the latest software. When new updates are available, macOS sends you a notification — or you can opt in to have updates installed automatically when your Mac is not in use. MacOS checks for new updates every day and starts applying them in the background, so it's easier and faster. Plug in your scanner or multifunction printer. In most cases, you'll connect it to your Mac with a USB cable that attaches from the scanner's (or printer's) port to the back or side of your Mac. Alternatively, you can use a wireless-enabled printer or scanner through your local Wi-Fi connection.
Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.
This topic describes how to install, configure, update, and use Defender for Endpoint for Mac.
Caution
Running other third-party endpoint protection products alongside Defender for Endpoint for Mac is likely to lead to performance problems and unpredictable side effects. If non-Microsoft endpoint protection is an absolute requirement in your environment, you can still safely take advantage of MDATP for Mac EDR functionality after configuring MDATP for Mac antivirus functionality to run in Passive mode.
What's new in the latest release
Tip
If you have any feedback that you would like to share, submit it by opening Microsoft Defender for Endpoint for Mac on your device and navigating to Help > Send feedback.
To get the latest features, including preview capabilities (such as endpoint detection and response for your Mac devices), configure your macOS device running Microsoft Defender for Endpoint to be an 'Insider' device.
How to install Microsoft Defender for Endpoint for Mac
Prerequisites
- A Defender for Endpoint subscription and access to the Microsoft Defender Security Center portal
- Beginner-level experience in macOS and BASH scripting
- Administrative privileges on the device (in case of manual deployment)
Installation instructions
There are several methods and deployment tools that you can use to install and configure Defender for Endpoint for Mac.
Third-party management tools:
Command-line tool:
System requirements
The three most recent major releases of macOS are supported.
Important
On macOS 11 (Big Sur), Microsoft Defender for Endpoint requires additional configuration profiles. If you are an existing customer upgrading from earlier versions of macOS, make sure to deploy the additional configuration profiles listed on New configuration profiles for macOS Catalina and newer versions of macOS.
Important
Support for macOS 10.13 (High Sierra) will be discontinued on February 15th, 2021.
- 11 (Big Sur), 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra)
- Disk space: 1GB
Beta versions of macOS are not supported.
After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints.
Licensing requirements
Microsoft Defender for Endpoint for Mac requires one of the following Microsoft Volume Licensing offers:
- Microsoft 365 E5 (M365 E5)
- Microsoft 365 E5 Security
- Microsoft 365 A5 (M365 A5)
Note
Eligible licensed users may use Microsoft Defender for Endpoint on up to five concurrent devices.Microsoft Defender for Endpoint is also available for purchase from a Cloud Solution Provider (CSP). When purchased via a CSP, it does not require Microsoft Volume Licensing offers listed.
Network connections
The following downloadable spreadsheet lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an allow rule specifically for them.
| Spreadsheet of domains list | Description |
|---|---|
| Spreadsheet of specific DNS records for service locations, geographic locations, and OS. Download the spreadsheet here: mdatp-urls.xlsx. |
Microsoft Defender for Endpoint can discover a proxy server by using the following discovery methods:
- Proxy autoconfig (PAC)
- Web Proxy Autodiscovery Protocol (WPAD)
- Manual static proxy configuration
If a proxy or firewall is blocking anonymous traffic, make sure that anonymous traffic is permitted in the previously listed URLs.
Warning
Authenticated proxies are not supported. Ensure that only PAC, WPAD, or a static proxy is being used.
SSL inspection and intercepting proxies are also not supported for security reasons. Configure an exception for SSL inspection and your proxy server to directly pass through data from Microsoft Defender for Endpoint for Mac to the relevant URLs without interception. Adding your interception certificate to the global store will not allow for interception.
To test that a connection is not blocked, open https://x.cp.wd.microsoft.com/api/report and https://cdn.x.cp.wd.microsoft.com/ping in a browser.
If you prefer the command line, you can also check the connection by running the following command in Terminal:
The output from this command should be similar to the following:
OK https://x.cp.wd.microsoft.com/api/report
OK https://cdn.x.cp.wd.microsoft.com/ping
Caution
We recommend that you keep System Integrity Protection (SIP) enabled on client devices. How to enter time machine mac. SIP is a built-in macOS security feature that prevents low-level tampering with the OS, and is enabled by default.
Once Microsoft Defender for Endpoint is installed, connectivity can be validated by running the following command in Terminal:
How to update Microsoft Defender for Endpoint for Mac
Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender for Endpoint for Mac, a program named Microsoft AutoUpdate (MAU) is used. To learn more, see Deploy updates for Microsoft Defender for Endpoint for Mac.
How to configure Microsoft Defender for Endpoint for Mac
Guidance for how to configure the product in enterprise environments is available in Set preferences for Microsoft Defender for Endpoint for Mac.
macOS kernel and system extensions
In alignment with macOS evolution, we are preparing a Microsoft Defender for Endpoint for Mac update that leverages system extensions instead of kernel extensions. For relevant details, see What's new in Microsoft Defender for Endpoint for Mac.
Resources
For more information about logging, uninstalling, or other topics, see Resources for Microsoft Defender for Endpoint for Mac.
Privacy for Microsoft Defender for Endpoint for Mac.
My friend, who knows that I run a blog about Macs and especially the security aspect of Apple computers, called me yesterday and told me about the situation in which most Mac users would be one day. His coworker gave him a USB flash drive with a program that needs to be installed on his laptop.
Naturally a very cautious person, my friend first called me and asked whether it's safe just to plug the flash drive in or is there a better and secure way. He was afraid that he could catch malware on his MacBook by simply inserting a disk.
Mac mouse macro. So, this is what I answered.
There are free antimalware apps, such as Bitdefender or Avast, that can scan a USB drive for viruses on Mac. Do not use Malwarebytes as it does not have the capability to scan individual disks. Do not open any documents or run any programs on the external devices until the virus scan is completed.
Now, let's unpack what I suggested above.
Here's How To Scan External Drives For Virus On Mac
1. Download And Install Antimalware App For Mac
It is very important to have this step done first. You want to have an antivirus to be installed before plugging an external device, not after.
Now, I am not suggesting that once you plug in an external device to your Mac, the malware will immediately jump from the device to the main disk.
Computer viruses are just like regular biological ones. While a bio virus is in the container, it cannot harm anyone. Bad things happen when someone breaks or opens the container.
The malware works in the same fashion. In order for it to contaminate the computer, it must be activated.
If it's a macro virus on Excel, one needs to open the Excel sheet and allow macros to run. If it's injected into a program, then someone must start the program to activate the malware.
Unlike Windows, macOS does not have an autorun functionality that kicks in when a new device is connected. It used to be enabled in earlier OS X versions but is disabled in the latest macOS versions.
But even then, I still recommend installing AV before using unknown devices simply because you may accidentally click on an infected file on the drive.
If you just want to check one USB drive, you may think it's not worth buying an antivirus.
So, for those who are looking for free tools, there are only three true free antimalware programs for Macs on the market: Bitdefender scanner, Avast, and Malwarebytes.
Every other 'free' antimalware product only offers free trials unlike the three mentioned above which never expire.
Malwarebytes is a very good tool, but you can't use it to scan drives, external or internal, as I mentioned above. It's only capable of catching malware, which runs in memory, so Malwarebytes will not work in this case.
Installing Bitdefender
Bitdefender Virus Scanner is the easiest to install. You don't even need to go to their web site. Just go to Mac App Store and type 'Bitdefender virus scanner' and get the free one. After installation, the app will ask a couple of questions, just agree and proceed.
Installing Avast
Avast is a great program. It's way better than free Bitdefender in terms of functionality and scan quality, but it's harder to install.
To install Avast, go to their site and download the free version for Mac.
Find the install media in the Downloads folder and then double click on the Install Avast security icon.
Follow the instructions and enter the admin password when asked.
One thing that all AVs require (except Bitdefender scanner) is that they ask for permissions which user needs to do manually.
All you have to do is open System Preferences, then open Security and Privacy. Click on the padlock icon at the bottom of the page and enter the admin password. After that, click on the Allow button to unblock Avast.
Also, you will need to give Full Disk Access. The instructions are here.
See All Results For This Question
Which Antivirus is Better?
If you compare Bitdefender free scanner or free Avast, then the latter is the best. It comes with way more features, and it has a better scanner. However, neither program is my top choice.
Unlike most other bloggers who write about antivirus solutions from other people's words, I spent almost two weeks testing a dozen programs after injecting my Mac with hundreds of malware samples.
According to my study, the top three antimalware products were Norton, VIPRE, and Intego. Only this trio correctly identified and removed 100% of threats. Even Avast missed some, and Bitdefender missed even more.
Below is a table with AV products and how much malware they detected:
In this article, I will use Intego as an alternative to free software. By the way, you can download the free Intego trial (link) and check the USB drive with no charge.
Obviously, it's up to you which software to choose, but in my opinion, having an antivirus that can miss even virus is almost the same as not having no antivirus at all.
Installing Intego
Installing Intego is similar to Avast (or any other program that needs full access to the disk).
Just download the install media and follow instructions. You will need to enter your email at one point, but that's it.
Again, unblock Intego in the Security and Privacy section of System Preferences and give full disk access.
2. Plug The External Drive Into USB port on Mac
Once an antivirus is installed, you can insert the drive into your Mac. However, note that you should still avoid opening documents or running apps from the external drive, especially with Bitdefender.
The biggest difference between Bitdefender scanner and Avast and Intego is that the former scans only on demand.
In other words, if you have a virus on the disk (internal or external) and you access the files, the virus can get into your computer.
Scan My Computer For Viruses Windows 10
On the other hand, Avast and Intego check files for threats before letting them run in memory.
3. Point The Antivirus To External Drive And Run Scan
All three products allow selecting individual drives for scanning.
Scanning with Bitdefender
Bitdefender has three scan options: Critical Locations, Deep Scan, and Custom. For our purpose, click on Scan a Custom Location. In the browse window, select the USB drive and click on the Scan button.
If the Bitdefender scanner finds any adware, it will suggest downloading an Adware removal tool (also free).
One thing I should note that in my tests free Bitdefender scanner performed far worse than the paid Bitdefender. I didn't record the number, but as far as I remember, the free version's detection rate was around 75%.
So, if you really like Bitdefender consider investing in their paid product.
Warning
Authenticated proxies are not supported. Ensure that only PAC, WPAD, or a static proxy is being used.
SSL inspection and intercepting proxies are also not supported for security reasons. Configure an exception for SSL inspection and your proxy server to directly pass through data from Microsoft Defender for Endpoint for Mac to the relevant URLs without interception. Adding your interception certificate to the global store will not allow for interception.
To test that a connection is not blocked, open https://x.cp.wd.microsoft.com/api/report and https://cdn.x.cp.wd.microsoft.com/ping in a browser.
If you prefer the command line, you can also check the connection by running the following command in Terminal:
The output from this command should be similar to the following:
OK https://x.cp.wd.microsoft.com/api/report
OK https://cdn.x.cp.wd.microsoft.com/ping
Caution
We recommend that you keep System Integrity Protection (SIP) enabled on client devices. How to enter time machine mac. SIP is a built-in macOS security feature that prevents low-level tampering with the OS, and is enabled by default.
Once Microsoft Defender for Endpoint is installed, connectivity can be validated by running the following command in Terminal:
How to update Microsoft Defender for Endpoint for Mac
Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender for Endpoint for Mac, a program named Microsoft AutoUpdate (MAU) is used. To learn more, see Deploy updates for Microsoft Defender for Endpoint for Mac.
How to configure Microsoft Defender for Endpoint for Mac
Guidance for how to configure the product in enterprise environments is available in Set preferences for Microsoft Defender for Endpoint for Mac.
macOS kernel and system extensions
In alignment with macOS evolution, we are preparing a Microsoft Defender for Endpoint for Mac update that leverages system extensions instead of kernel extensions. For relevant details, see What's new in Microsoft Defender for Endpoint for Mac.
Resources
For more information about logging, uninstalling, or other topics, see Resources for Microsoft Defender for Endpoint for Mac.
Privacy for Microsoft Defender for Endpoint for Mac.
My friend, who knows that I run a blog about Macs and especially the security aspect of Apple computers, called me yesterday and told me about the situation in which most Mac users would be one day. His coworker gave him a USB flash drive with a program that needs to be installed on his laptop.
Naturally a very cautious person, my friend first called me and asked whether it's safe just to plug the flash drive in or is there a better and secure way. He was afraid that he could catch malware on his MacBook by simply inserting a disk.
Mac mouse macro. So, this is what I answered.
There are free antimalware apps, such as Bitdefender or Avast, that can scan a USB drive for viruses on Mac. Do not use Malwarebytes as it does not have the capability to scan individual disks. Do not open any documents or run any programs on the external devices until the virus scan is completed.
Now, let's unpack what I suggested above.
Here's How To Scan External Drives For Virus On Mac
1. Download And Install Antimalware App For Mac
It is very important to have this step done first. You want to have an antivirus to be installed before plugging an external device, not after.
Now, I am not suggesting that once you plug in an external device to your Mac, the malware will immediately jump from the device to the main disk.
Computer viruses are just like regular biological ones. While a bio virus is in the container, it cannot harm anyone. Bad things happen when someone breaks or opens the container.
The malware works in the same fashion. In order for it to contaminate the computer, it must be activated.
If it's a macro virus on Excel, one needs to open the Excel sheet and allow macros to run. If it's injected into a program, then someone must start the program to activate the malware.
Unlike Windows, macOS does not have an autorun functionality that kicks in when a new device is connected. It used to be enabled in earlier OS X versions but is disabled in the latest macOS versions.
But even then, I still recommend installing AV before using unknown devices simply because you may accidentally click on an infected file on the drive.
If you just want to check one USB drive, you may think it's not worth buying an antivirus.
So, for those who are looking for free tools, there are only three true free antimalware programs for Macs on the market: Bitdefender scanner, Avast, and Malwarebytes.
Every other 'free' antimalware product only offers free trials unlike the three mentioned above which never expire.
Malwarebytes is a very good tool, but you can't use it to scan drives, external or internal, as I mentioned above. It's only capable of catching malware, which runs in memory, so Malwarebytes will not work in this case.
Installing Bitdefender
Bitdefender Virus Scanner is the easiest to install. You don't even need to go to their web site. Just go to Mac App Store and type 'Bitdefender virus scanner' and get the free one. After installation, the app will ask a couple of questions, just agree and proceed.
Installing Avast
Avast is a great program. It's way better than free Bitdefender in terms of functionality and scan quality, but it's harder to install.
To install Avast, go to their site and download the free version for Mac.
Find the install media in the Downloads folder and then double click on the Install Avast security icon.
Follow the instructions and enter the admin password when asked.
One thing that all AVs require (except Bitdefender scanner) is that they ask for permissions which user needs to do manually.
All you have to do is open System Preferences, then open Security and Privacy. Click on the padlock icon at the bottom of the page and enter the admin password. After that, click on the Allow button to unblock Avast.
Also, you will need to give Full Disk Access. The instructions are here.
See All Results For This Question
Which Antivirus is Better?
If you compare Bitdefender free scanner or free Avast, then the latter is the best. It comes with way more features, and it has a better scanner. However, neither program is my top choice.
Unlike most other bloggers who write about antivirus solutions from other people's words, I spent almost two weeks testing a dozen programs after injecting my Mac with hundreds of malware samples.
According to my study, the top three antimalware products were Norton, VIPRE, and Intego. Only this trio correctly identified and removed 100% of threats. Even Avast missed some, and Bitdefender missed even more.
Below is a table with AV products and how much malware they detected:
In this article, I will use Intego as an alternative to free software. By the way, you can download the free Intego trial (link) and check the USB drive with no charge.
Obviously, it's up to you which software to choose, but in my opinion, having an antivirus that can miss even virus is almost the same as not having no antivirus at all.
Installing Intego
Installing Intego is similar to Avast (or any other program that needs full access to the disk).
Just download the install media and follow instructions. You will need to enter your email at one point, but that's it.
Again, unblock Intego in the Security and Privacy section of System Preferences and give full disk access.
2. Plug The External Drive Into USB port on Mac
Once an antivirus is installed, you can insert the drive into your Mac. However, note that you should still avoid opening documents or running apps from the external drive, especially with Bitdefender.
The biggest difference between Bitdefender scanner and Avast and Intego is that the former scans only on demand.
In other words, if you have a virus on the disk (internal or external) and you access the files, the virus can get into your computer.
Scan My Computer For Viruses Windows 10
On the other hand, Avast and Intego check files for threats before letting them run in memory.
3. Point The Antivirus To External Drive And Run Scan
All three products allow selecting individual drives for scanning.
Scanning with Bitdefender
Bitdefender has three scan options: Critical Locations, Deep Scan, and Custom. For our purpose, click on Scan a Custom Location. In the browse window, select the USB drive and click on the Scan button.
If the Bitdefender scanner finds any adware, it will suggest downloading an Adware removal tool (also free).
One thing I should note that in my tests free Bitdefender scanner performed far worse than the paid Bitdefender. I didn't record the number, but as far as I remember, the free version's detection rate was around 75%.
So, if you really like Bitdefender consider investing in their paid product.
Scanning with Avast
Avast has a concept of the so-called shields: three of them are free, and the fourth (Ransomware Shield) is paid.
There is a green Run Smart Scan at the center of the screen, which will scan the entire Mac. Next to the green button is a magnifier glass, which opens more scan options. Click on that icon. Now you can run the USB/DVD scan. Click on the button, choose the drive, and wait.
When Avast finishes the scan, it will present a list of malware found. All you need to do now is to click on the Resolve button.
Scanning with Intego
The Intego interface is very simple and easy to use. Under the first tab, there will be options to scan either the entire Mac or any external devices. Click on the circle next to your USB drive and then Scan.
After the scan, you will be presented with the results, and from here, you can either Trust or Quarantine. Once files are moved to the Quarantine, you can either Delete All or individual files.
4. Rerun The Scan Second Time
This step is very important. Computer viruses are notoriously hard to remove because they have the ability to replicate themselves.
Even if the infected file was deleted from one folder, there is always a possibility that it may be copied to another location.
So, to avoid these, I suggest running the scan multiple times. At least until the antimalware product finds no threats twice in a row.
5. Scan With A Different Antivirus For Best Results
How To Get Virus Off Mac
In the computer security world, there is a concept called zero-day vulnerability. It means that when a virus is initially created, there is no antidote for it in most cases.
And it makes sense that the antidot gets created after disease, not before. And once the threat is out, the security companies try to find solutions as quickly as possible.
It is possible that one company will find a cure before others. It is also possible that different antimalware products fail to find different exploits.
One company that responds to attacks on Apple computers is Apple itself. macOS has two features, XProtect and Gateway, that are designed to protect from malware, but they get updated very infrequently.
My point is if you want to be absolutely safe, it makes sense to use at least two AVs to scan.
The problem is that most AVs are incompatible with each other, and often in order to install a new antivirus, you have to uninstall the old one first.
6. Erase The Drive If Its Contents Are Not Important
Sometimes the file can not be deleted. There could be multiple reasons.
For instance, if the USB drive was formatted as NTFS. NTFS is a Windows file format, and Macs can read from drives formatted this way.
The problem is that macOS cannot make any changes to NTFS drives. In this case, the antimalware program will not be able to delete the virus. Here's how it looks in the case of Avast:
Virus Protection For Mac | How To Check Mac For Viruses
So, what's the solution? If you don't care about the files on the drive, then you can simply erase it. And don't worry, viruses will not be able to escape from the reformatted drive (unless you purchase an expensive unformat tool).
Here are instructions on how to erase external drives and which format to choose.
And that's all you need to know about scanning USB drives for viruses on Mac.
Be safe!
