Microsoft Ships Antivirus For macOS as Windows Defender Becomes Microsoft Defender

Microsoft is bringing its Windows Defender anti-malware application to macOS -- and more platforms in the future -- as it expands the reach of its Defender Advanced Threat Protection (ATP) platform. From a report: To reflect the new cross-platform nature, the suite is also being renamed to Microsoft Defender ATP, with the individual clients being labelled "for Mac" or "for Windows." macOS malware is still something of a rarity, but it's not completely unheard of. Ransomware for the platform was found in 2016, and in-the-wild outbreaks of other malicious software continue to be found. Apple has integrated some malware protection into macOS, but we've heard from developers on the platform that Mac users aren't always very good at keeping their systems on the latest point release. Further reading: Microsoft launches previews of Windows Virtual Desktop and Defender ATP for Mac.

the audacity

[izzo+nizzo]

This is the height of arrogance. Microsoft's poor architecture is responsible for all the spam and viruses and e-waste in the world. They're the reason why everyone has to rely on Google rather than running their own SMTP. They created entire industries of fraud that have led much of the developing world into lives of crime.

Re: the audacity

Smithers release the hounds

Re:the audacity

You are a fucking moron. Wow.

Re:the audacity

[Rosco+P.+Coltrane]

Normally I would quickly read an AC post such as yours and dismiss it as a troll post, but in this case you're dead right.

Re: the audacity

Or the mechanical richard simmons to appease the apple fanboith.

Re:the audacity

Microsoft single handedly ruined the evolution of computers. What if we had a ubiquitous and long-standing history of a really good OS instead of Windows? Imagine how much better things would be.

And now Microsoft stoops to spyware and purposefully introduced insecurities with Windows 10.

Re:the audacity

Your last sentence nails it. This is being sold as antivirus, but in reality it'll be a way for Microsoft to start gathering data on MacOS users dumb enough to believe Microsoft has their best interests at heart. I have to imagine that's a small subset of Mac users, but I'd imagine some will fall for it.

Re:the audacity

[jellomizer]

Most of the Microsoft Architectural problems have been fixed for a while. The biggest problem was the MSDOS based versions of Windows ending with Windows ME.
Once Microsoft started taking security seriously and getting away from the idea that the End User is trusted enough to make good security decisions. Things have gotten much better.
But the biggest problem with Microsoft in terms of Security is just how many people are using their system. If you wanted to make a Spam Bot, or infect a system on an open network, you would probably target a windows system, As chances are there will be someone running one directly hooked to their cable modem somewhere. Wide open, Logged in as Admin,

Re:the audacity

[DigiShaman]

It's purely a marketing move. I can see the advertisements now.

"Windows so secure, we're porting over protection to OSX so that users of MS Office can also benefit from Microsoft technology"...or some such.

Re: the audacity

[Type44Q]

Things have gotten much better.

And your statement can be easily prove just by looking at users' fondness for Windows 10.

Or not, as the case may be.

Re:the audacity

But I loved how easy it was to defend myself back in that day. Typical system : running Windows XP Home or Pro Corporate, logged in as a admin, direct connection, Internet Explorer 6. Mine was Windows 98 (SE), behind a router and using Firefox 0.x and 1.x. It was unbreakable even running random binaries found on the web, like trying to find interesting freeware on the Simtel websites if you remember that one, or the demoscene or individual authors.

It got nasties when I was using Internet Explorer 5 (great browser that was on speed and memory usage and also turned into a file manager and transparently handled FTP and SMB). You just caught crap by browsing any website but the malware mostly consisted in opening porn windows without your permission.

Re:the audacity

"What if we had a ubiquitous and long-standing history of a really good OS instead of Windows?"
Nothing was stopping anyone from building a better OS. MS didn't start life as a dominating company capable of keeping competitors at by using large amounts of money or a large patent portfolio. All that came much later. Early on MS didn't even dominate the application space in either DOS or Windows. Word Perfect, Lotus 1-2-3, and Dbase were the dominate applications on the MS platform and the principles behind these applications were flaming idiots and can blame no one but themselves from losing their market share to MS Office. Netscape had over a 90% share of the early browser market and they also allowed IE to come late to the party and displacing Netscape from the market leading browser. Netscape is still a case study in how to mismanage technical achievements and utterly ruin a good piece of software. Apple could have been a competitor but they decided to go with a 100% proprietary software and hardware platform while MS went with a commodity driven platform that allowed 3rd party software and hardware. Apple was on the brink of closing up shop because they could not compete with MS in cost. Of curse this opened the door for MS to take over the corporate market on cost alone. It was the iPod that saved Apple not their desktop or laptop computers just like it is the iPhone that drives the bulk of the revenue today.

Re:the audacity

[jellomizer]

I am not sure if PC computing history went a different direction things would be any better.

Lets go back to the 1980's PC Market.
IBM (IBM Compatibles) had MSDOS
Apple Used Basic, with self booting floppies.
Commodore 64 was basic, with "self booting" cartridges.
TRS-80 with TRSDOS

In general all these early systems were so primitive and designed for single use The UNIX, VMS and other Mainframe OS's were just to system intensive to run on these early PC's to be affordable for a normal middle class family to own. These Early PC OS's had a few commands, and mostly just populated RAM in its executable sections with the program code, and pointed the program counter to that location.

These all these early PC OS's are acceptable to viruses. Now the MSDOS system because of the PC Compatible market, and with a legal loophole IBM had. Created a Generation of software build around MSDOS Compatibility Up to Windows ME. Because these OS's needed to be backwards compatible with older software, they kepts on hacking and tricking the DOS Environment to keep working. The NT Kernel got rid of a lot of the DOS code, but still had limited compatibility, which still lead to security problems. But the problems moved from easy virus code, to problems with access and authentication, mainly because Multi-tasking, Multi-User OS's was a new thing for the home User, and the fact that software can run in the background without a UI is possible, making it a problem.

I can see this problem happening over and over again with different vendors being king. There is little chance, a successful PC back in the 1980s will run a UNIX system, and in the 1990's when they could run a Unix or Linux system, they would break compatibility and decades of purchased software.

Re: the audacity

You do realize ms dos was an unlawful Rip-off of dr dos, right? Also there was gem, os/2 way ahead of Microsoft Windows.

Re:the audacity

You aren't looking hard enough in the history. There *were* multi-user multi-tasking systems with clean execution models and, if they hadn't mostly died under the shade of the 'big' OSes, could have given us a much better evolution of home computing. AmigaDOS, GEM, OS-9 (not mac OS9, OS-9 the UNIX-like RTOS that ran in under 64KB), ... there were many much better choices, but sadly whatever IBM and Microsoft pooped out on the world was destined to win through sheer force of marketing and mindshare.

Similarly, there were much better CPU and bus architectures (68K, VME, original ARM with the Archimedes series) that all were much, much nicer to program for, but were killed under the weight of the almightly IBM/MS cartel.

Re:the audacity

[SirSlud]

I love the idea that some people believe all this nonsense.

Re:the audacity

[hairyfeet]

Riiight, cuz there aren't any OSX, Linux, or Android bugs and they haven't existed for decades...oh wait. As you can see the first malware wasn't even for MS-DOS, it was on DEC PDP-10.

Did MSFT make serious fuck ups? Yup and so has Linux, OSX, Unix,DEC, IBM with their System OSes, if its able to run programs and is more complex than a Hello World program? There is gonna be bugs, because humans are fallible.

Re:the audacity

[AHuxley]

A PRISM AV brand for lots of different computers.

Re: the audacity

There is a difference between bugs in the system and bad system design.

Re:the audacity

Slash was built with ACs ignore the noise

Re:the audacity

[thegarbz]

They're the reason why everyone has to rely on Google rather than running their own SMTP.

Man if your ignorance on spam was any thicker we could use it as a magic new building material. The fact you can create your own SMTP server in a few lines of code is the reason why we have spam. In that regard every system is vulnerable to becoming a spambot and if you actually knew what you were talking about you'd be implicating Linux, after all it is the Wordpress platform of choice.

Re: the audacity

[jellomizer]

The fondness for Windows 10 of lack of, is mostly due the UI overall that they did in Window 8. Windows 95-7. Had minor updates to its UI off the same design (Start button, menu) model. The Tile Interface, really doesn't work for a Desktop Environment. Its reliance on the search feature to navigate beyond the most common items is a big change too.

Re:the audacity

[jellomizer]

I didn't include them, because many of them were not multi-tasking systems, Windows 3.1 I wouldn't call a multi-tasking system either, they may support multi-applications, but not multi-tasking.

Telemetry vector?

[kbonin]

Reminds me of Microsoft Visual Studio Code - lots of people at work raved about this app, but when I tried it on my MacBook its as full of telemetry as any Windows 10 app - no thanks! (Without Radio Silence to firewall outbound connections...) Since A/V normally has elevated permissions, and Microsoft's attitude about telemetry seems to be 'your computer and your data are ours and you can't do anything about it', how can we trust this?

Re: Telemetry vector?

Sounds like you need one of those smart Microsoft consultants to come hold your hand

Re:Telemetry vector?

i disabled it on my windows 7 box when they changed the terms of service about 2 yers or so ago relating to telemetry...

Re:Telemetry vector?

And which commercial software vendor do not submit telemetry?

Re:Telemetry vector?

It's open source, remove the telemetry yourself.
Better yet, show me the telemetry.

Re:Telemetry vector?

[Dogtanian]

The only way I'll consider this product remotely credible against malware is if it runs its first scan, detect itself as spyware, then terminates its own installation with extreme prejudice.

Re:Telemetry vector?

[Chewbacon]

What Microsoft fails to consider is you CAN do something about it, like go with a competitor.

Re:Telemetry vector?

[ljw1004]

Reminds me of Microsoft Visual Studio Code - lots of people at work raved about this app, but when I tried it on my MacBook its as full of telemetry as any Windows 10 app

Maybe just maybe -- (1) people raved about it, (2) they raved about it because it's good, (3) it's good because they had the right telemetry to know how to achieve this, (4) better telemetry in the sense of being more representative and more actionable comes from it being opt-out rather than opt-in.

I don't like telemetry. I'm a hypocrite free-loader -- I turn off telemetry on software I run on my own machine, but I happily enjoy the the better products that come from better telemetry submitted by other people.

Re:Telemetry vector?

[The_Revelation]

Also an attack vector: https://www.cyberscoop.com/cri...

Microsoft software is so bad at security that it is individually the reason for the existence of most anti-malware products. I don't see how this move helps anyone.

Re:Telemetry vector?

You have to specifically enable telemetry with a compile flag when building VS Code. The Microsoft binaries have it enabled of course, because how else can you get metrics on the features your users are actually using? How can you get crash stats and such? Good software needs some telemetry. Windows 10 is zealous about it to the point of absurdity, but VS Code and dotnet are pretty conservative.

If you're in that bizarre category of concerned enough about telemetry, but too lazy to compile your own crap, then T-Free builds exist.
Like: https://github.com/VSCodium/vscodium

ATP? Sounds like intentional TLA typo of APT

Better welcome the anonymous TLA overlords and their M$ Defender APT.

Make a Linux version also!

[Rosco+P.+Coltrane]

I can't wait to be able to install security software from a company with as sterling a track record as Microsoft's on my servers!

Also, totally unrelated, today is World Down Syndrome Day, and I have a MCSE.

Re:Make a Linux version also!

meanwhile, in the real world, guess whose racing ahead?

https://www.cvedetails.com/top...

lols

Expanding it's data collection to MacOS now?

[QuietLagoon]

Since the Windows 10 data collection system doesn't run on Macs, is Microsoft using Microsoft Defender as a foot in the door to get data collection installed on Macs?

Re:Expanding it's data collection to MacOS now?

[UnknowingFool]

That’s the way I read it too.

Re:Expanding it's data collection to MacOS now?

That's exactly how I interpreted it and I'm not even in IT. I just browse Slashdot to stay a few months ahead of "Ermagawd, breaking hackers news!" on regular media. (I don't know, I like to shore up exploits ASAP for some strange reason.)

Rather than a foot in the door I'd say "we're going to suck your data like a car wash vacuum" is already baked in. Have fun interpreting that EULA...

Re:Expanding it's data collection to MacOS now?

[Voyager529]

Since the Windows 10 data collection system doesn't run on Macs, is Microsoft using Microsoft Defender as a foot in the door to get data collection installed on Macs?

I absolutely wouldn't put it past them...but the math isn't exactly bulletproof, either.

I don't know the exact requirements for sandboxing when it comes to apps in the OSX App Store, but I can't imagine Apple letting MS run free with root privileges from their walled garden without at least giving it far greater scrutiny. Sure, it's not perfect, but it's also the sort of entry that is simply incapable of flying under the radar.
If MS isn't going to go the App Store method, that creates plenty of problems. With MS trying to push its own app store on the Windows side, MS relying on sideloading isn't going to resonate with OSX users, and it won't reflect well on their own efforts to funnel software through the app store. It behooves them to play by the rules.

Next, uploading questionable samples has been standard practice for *decades*. Everyone has done it, from Symantec and McAfee to Avast and AVG. If it's suddenly a problem with MS doing it, then it's not a problem with the principle, but the actor. That's understandable to a good extent, but let's at least start from a baseline that MS performing a common industry practice *and holding to that practice under the same standards and expectations as everyone else* isn't necessarily cause for alarm.
Now, perhaps MS will be the first one to try and do mass data uploading...but it would be incredibly foolish because Apple has enough bigger lawyer diplomacy that they went up against the federal government and won. If Apple was willing to face off against the FBI on behalf of a dead terrorist, and they were willing to go against their own parts supplier, I can't imagine them giving MS a pass for exfiltrating data like that.

Even if there was a whiff of foul play, odds are good that the OSX folks would either say 'screw it', or use Sophos or Bitdefender, both of whom have free OSX antivirus applications available and aren't Microsoft.

Finally, MS can get plenty of data from OSX users. MS Office is still very popular on OSX, and defaults to saving to OneDrive on their consumer offerings. The-Office-365-that-is-hosted-Exchange, and its personal variant Outlook.com, both work on OSX both in a browser and through the Mail app. Sure, it's not the juicyness that is Safari's browsing history or Windows 10's "upload-everything-to-OneDrive persuasion"...but it is still some useful data if they were going down that road.

Maybe this is MS's trojan horse, maybe it isn't...but I'm having a bit of trouble believing Microsoft is spending so much of its time evading Apple's radar to surreptitiously upload data through the back door when they're already getting massive amounts of data through the front door.

Future predictions

[UnknowingFool]

If would be ironic if someone found a way to use Defendwr to put viruses on a Mac.

Re:Future predictions

Why would you need to use defender to do that? Isn't MacOS the OS that had the workaround for booting in to root?

It's not like Apple has a stellar reputation for security.

Re:Future predictions

That's exactly what will happen. Antivirus software is just another vector for attacks.

Re: Future predictions

I wait for the first goddamn company I work for to expect me to install this on my computer or else I canâ(TM)t join their VPN which I have to use to access stuff that would be better protected using TLS/SSH anyways.

Re:Future predictions

If would be ironic if someone found a way to use Defendwr to put viruses on a Mac.

Done. Next!

loading external libraries ...

and a person that rhyms with "works" just turned over in his grave ...

No Thanks

No need to have MS "Telemetry" inserted into my pristine macOS in the guise of (unnecessary) "Anti-Malware protection".

autophagy?

[Cuban+Devil]

Will it remove itself?

Re:autophagy?

No but considering the security issues with macOS itself, it may just as likely kill itself in shame and agony.

can't be any worse than Symantec Endpoint Protecti

Maybe starting from scratch M$ can make something that doesn't steal 30% of my processor cycles like SEP. Turns my 2016 MBP at work into my home 2007 MBP. Thank science I don't need to run that kind of garbage at home.

More abuse than that? My experience:

[Futurepower(R)]

"This is being sold as antivirus, but in reality it'll be a way for Microsoft to start gathering data on MacOS users..."

Microsoft has apparently abandoned the policy of making software that has only the stated goal. Microsoft does not describe updates accurately.

The result is that an update to "Microsoft Defender" can do anything Microsoft wants. An "update" can take control over your computer.

I recently ran Defender on a Windows 7 desktop computer. Immediately after weird things began happening. Is Microsoft trying to discourage the use of Windows 7?

It's the steps.

[DrYak]

In general all these early systems were so primitive and designed for single use

Yes, indeed. And weren't even network connected on any large scale, so not much targetted by malware.
Sneakernet was, for a long time, the only viable way for a virus to have an chance at replicating (until BBS were a thing).

The UNIX, VMS and other Mainframe OS's were just to system intensive to run on these early PC's to be affordable for a normal middle class family to own.

Yes, indeed. But on the other hand, those massive machine where multi-users, connected, and among the first to communicate across larger territories, once arpanet started existing.
Meaning that the knowledge about security, etc. did exist.
I wasn't relevant to apply it to Apple II computers or the first 8088-based IBM PC, but the knowledge did exist.

These Early PC OS's had a few commands, and mostly just populated RAM in its executable sections with the program code, and pointed the program counter to that location.
These all these early PC OS's are acceptable to viruses.

Again, I agree. These home machine were simple, and couldn't afford much in terms of security, and on the other hand, weren't much exposed to multi-users, networks, and menace (from anything else than sneakernet).

Now the MSDOS system because of the PC Compatible market, and with a legal loophole IBM had.

Still agree. MS-DOS getting popular was a fluke.

Mostly due to IBM designing an expensive machine (and slightly under-powered. Hey, you gotta protect your core business !) exclusively made out of common, off-the-shelf parts (gotta catchup after missing the micro-computer revolution). Giving a great opportunity to clone (anyone else could buy similar or better parts from the same metaphorical shelf) and make attempts at slightly better or cheaper alternatives.
Also IBM was a big brand, giving even more popularity to the platform.

And thus MS-DOS (and the BIOS underneath, be it IBM's original, or cloners' clean-room re-implementation's Phoenix) becoming a de facto standard.

Microsoft being already at that point marketing itself aggressively, of course were going to win (note that two other BASICs from your list were ALSO written by Microsoft: Apple's non-ROM/non-Integer BASIC is written by Microsoft (as opposed to the in-ROM Integer BASIC), Commodore's BASIC was single-licensed from Microsoft too). No matter which company took off, they were on board automatically.

Created a Generation of software build around MSDOS Compatibility Up to Windows ME. Because these OS's needed to be backwards compatible with older software, they kepts on hacking and tricking the DOS Environment to keep working.

That is the exact point where we start to disagree.
Microsoft systematically opted for the most lazy and fast fix-ups, because they wanted to concentrate more on marketing aggressiveness than on correctness.

e.g.: There was very little effort from either IBM or MS-DOS to standardize on anything but the few offerings of BIOS and DOS. To do anything but simple CLI software, you had to directly bang the hardware.
They could have worked together with various software developper to make something like standard libraries, etc.

Compare the situation with Mac OS which was much more reliant on API, AmigaOS which had strong API offering, etc.

The NT Kernel got rid of a lot of the DOS code, but still had limited compatibility, which still lead to security problems. But the problems moved from easy virus code, to problems with access and authentication, mainly because Multi-tasking, Multi-User OS's was a new thing for the home User, and the fact that software can run in the background without a UI is possible, making it a problem.

The problems were with mostly Microsoft trying to keep as much compatibility with older software than possible, b

DOS variants

[DrYak]

You do realize ms dos was an unlawful Rip-off of dr dos, right?

You're confusing the names.

Your mixing it up with Q-DOS, that's the thing that Microsoft ripped to quickly produce MS-DOS and license as PC-DOS to IBM.

DR-DOS is the earlya attempt at bringing multi-tasking to DOS, by Digital Research, the company making the *other* major OS back then i.e.: CP/M - the OS that inspired QDOS, and that Digital Research didn't manage to license to IBM.

QDOS and thus MS-DOS being close to CP/M was a big point for Microsoft. As said above CP/M was the major OS at the time, and having a very similar API meant that application developper could quickly writes port of their software for PC-DOS on the IBM PC.

DR-DOS also leverage the closeness: it's based on Concurrent DOS, which is based on CP/M-86 (which eventually added MS-DOS compatibility) and the whole CP/M family explored multi-tasking with MP/M-86 (including MP/M-86, direct predecessor of Concurrent DOS)).

Digital Research was a significant competitor to Microsoft, that's why Microsoft tried to crush them as much as possible.
(Including making the DOS-based Windows harder to run on DR-DOS)

Points of comparison

[DrYak]

It's not like Apple has a stellar reputation for security.

It's all depending on your point of reference.

Today's subject is Microsoft.

Compared to the nightmare of security, bugs and telemetry that is Microsoft, Apple and any other vendor HAS a stellar reputation.

Re:Avoid Microsoft for better MacOS security... ap

Avoid APK's work for security. It is close source shitware that has been proven to not provide any actual security but used over 14,000 lines of Pascal code to write a string sorter. Also why should one trust a prolific spammer with the security of their system.

It's Coming

If you RTFA and watched the marketing video, you would have noticed all the laptops with Tux penguins on them throughout. If I had to guess I'd say Linux is in scope and will follow the Mac version

Internet Explorer for Mac

So will Microsoft also port Windows viruses over to the Mac to give Microsoft Defender on macOS a reason to exist?

Maybe Microsoft will bring back the amazingly successful Internet Explorer for Mac. I cannot tell you about all the people who loved IE for Mac. That's because both of them are ashamed they liked it and don't want anyone to know who they are.