Are Macs really more secure than Windows PCs?

News
By published

The days of Mac security superiority are long gone

MacBook on desk with glasses and monitor displaying Windows in background.
(Image credit: Nick Beer/Shutterstock)

Macs have long had a reputation of being more "secure" than Windows PCs, with users believing that Apple machines are impenetrable to cybercriminals planning to carry out malware attacks. 

But the reality is less clear-cut. Data shows that both platforms are plenty vulnerable to security threats. 

According to the most recent State of Malware Report from information-security company Malwarebytes, in 2019 the average Mac faced more malware attacks than the average PC did, for the first time ever.

Not only was there a significant increase in the overall prevalence of threats against Macs in 2019, but the number of attacks per Mac was almost double that of PCs.

Mac vs. Windows PC security

One possible explanation for the perception that Macs are more secure than Windows PCs lies in another number. Machines running Windows have long dominated the personal computer market, and it was only in 2018 that Macs globally topped 10% of user share. For cybercriminals looking to get the most bang for their buck, attacks on Windows PCs have held higher value. 

Another factor, as security expert and software developer Charles Edge explained, is that Apple's closed platform has limited how developers can interact with the operating system, while Windows has generally given developers more flexibility.

But Edge notes that over the past few years, Windows has closed off elements of its platform, bringing it closer to Apple's security. 

"For a while, I would have simply responded that the Mac was more secure, for sure," Edge told Tom's Guide. "But these days, consumers get to benefit from the best of security practices that each platform copies from the other." 

The bottom line: Macs and PCs both have flaws and vulnerabilities, albeit in slightly different ways. For example, cybersecurity company Kaspersky suggests that Windows requires more active security upkeep, while Apple has been less proactive with security updates and patches. 

How to secure your computer

No matter which operating system you may be using, don't get lulled into a false sense of security. Privacy settings and proper digital hygiene should be applied across the board, and Edge notes that users have pretty granular control of these options on all platforms. 

"The more knowledgeable we are of these settings as consumers of devices, the more we are able to make devices usable while staying safe," he said.

Here are a few security considerations for both Macs and Windows PCs.

  • Keep your software, both applications and operating systems, up to date. Cybercriminals exploit security flaws, which updates are designed to patch. Enable automatic updates on your machine to minimize opportunities for hacks. 
  • Use strong, unique passwords for your Apple and Microsoft accounts. You should always follow password best practices, but they're especially important for your Apple ID or Microsoft login, both of which can grant access to your operating system. 
  • Limit app access. Applications that access your camera or file system create opportunities for bad actors to access your information. Edge recommends granting access to an application only if you need the feature it enables and revoking privileges that aren't actively in use. 
  • Use antivirus software and consider a VPN. Windows' built-in antivirus protection is good, but you can up your defenses with some of the best antivirus software, free or paid. The built-in defenses on Macs are a bit more haphazard, and we strongly recommend using one of the best Mac antivirus programs.
  • Consider using a virtual private network (VPN) when connecting to the internet, especially when using Wi-Fi when away from home or work. A VPN encrypts all your traffic and prevents hackers on the same local network from intercepting your data. 
  • Follow digital-hygiene best practices. Don't share personal or identifiable information online, don't click links sent via email or text, ignore pop-ups, don't reuse passwords (and consider one of the best password managers) and question messages that sound urgent or demand that you take action. 
  • On Windows, create and use a limited-privilege user account for day-to-day tasks. Use accounts with administrative privileges (the default setting on both Mac and Windows) only when installing, deleting or modifying software. Doing this will greatly limit the amount of damage a malware infection can do.
  • On a Mac, pay attention when a pop-up window asks for your permission. Malware often can't do much on a Mac until you let it, so don't just blindly click "OK" every time you're asked to authorize something. Examine what each pop-up window says, and if it looks strange, don't grant permission.
  • Stay curious. Investigate anything that seems off or unusual. 
Emily Long
Emily Long

Emily Long is a Utah-based freelance writer who covers consumer technology, privacy and personal finance for Tom's Guide. She has been reporting and writing for nearly 10 years, and her work has appeared in Wirecutter, Lifehacker, NBC BETTER and CN Traveler, among others. When she's not working, you can find her trail running, teaching and practicing yoga, or studying for grad school — all fueled by coffee, obviously.