Viruses and Other Malware on Your Mac with Mountain Lion
A virus could cause your Mac running OS X Mountain Lion to misbehave. A computer virus is a nasty little piece of computer code that replicates and spreads from disk to disk; some viruses can destroy files or erase disks with no warning.
Malware (short for malicious software) is software that’s hostile, intrusive, annoying, or disruptive. Malware is often designed to gain unauthorized access to your computer and/or collect personal data (including passwords) without your knowledge.
The difference between a virus and other types of malware is that malware doesn’t spread by itself. It relies upon trickery, mimicry, and social engineering to induce unsuspecting users to open a malicious file or install a malicious program. So a virus is a type of malware, but not all malware is viral.
You don’t hear much about viruses on the Mac because there have been few (if any) since the dawn of the modern OS X era (so many big cats ago). Almost all viruses are specific to an operating system — Mac viruses won’t affect Windows users, Windows viruses won’t affect Mac users, and so forth, and the vast majority of known viruses affect only (you guessed it) Windows.
The one real exception here is a gift from the wonderful world of Microsoft Office (Word and Excel, for example) users: the dreaded macro viruses that are spread with Word and Excel documents containing macros written in Microsoft’s VBA (Visual Basic for Applications) language. But you’re safe even from those if you practice safe computing (although you can unknowingly pass them along to Windows users).
As it happens, so far, much of the viral activity affecting OS X involved various Windows macro viruses. Sadly, a very real threat known as Flashback appeared in early 2012. It exploited a security flaw in Java and stealthily installed itself on Macs. Soon after its discovery, Apple issued software updates for OS X that removed the malware and corrected the security flaw.
By default, your Mac automatically checks for software updates every week, but you can change that setting in the Software Update System Preference Pane. Click the Check Now button to run Software Update manually and check for the latest updates. The moral of the story is that it’s usually a good idea to install Apple updates sooner rather than later.
So while there was at least one piece of truly malicious software spotted in the wild, others are spread mostly via social engineering. So here’s how to protect yourself:
Disable Open Safe Files after Downloading in Safari Preferences.
If a suspicious alert or window appears on your screen, Force Quit your web browser (Apple→Force Quit or Command+Option+Esc) immediately.
If the OS X Installer launches for no apparent reason, do not click Continue! Don’t install the software, and for heaven’s sake, don’t type your administrator password.
Don’t run any installer — the one built into OS X or a third-party kind — unless you’re absolutely certain that it came from a trusted source.
Don’t use credit or debit cards with unfamiliar vendors and/or insecure websites.
If you use disks that have been inserted into other computers, you need some form of virus-detection software. If you download and use files from web and File Transfer Protocol (FTP) sites on the Internet, you need some form of virus detection as well.
You don’t have too much to worry about if
You download files only from commercial online services, such as AOL, CNET, or MacUpdate, which are all very conscientious about malware.
You use only commercial software and never download files from websites with strange names.
You should definitely worry about malicious infection if
An unsavory friend told you about a website called Dan’sDenOfPiratedIllegalStolenBootlegSoftware.com, and you actually visited it.
You swap disks or USB thumb drives with friends regularly.
You shuttle disks or USB thumb drives back and forth to other Macs.
You use your disks or USB thumb drives at public computers or printing shops.
You download files from various and sundry places on the Internet, even ones that don’t sound as slimy as Dan’sDenOfPiratedIllegalStolenBootlegSoftware.com.
You receive e-mail with attachments (and open them).