Microsoft Defender - Big Problems on Big Sur

Hi all - I'm looking for some support or guidance regarding Big Sur and Microsoft Defender. I'm making an identical post on Microsoft's Defender support forum also.


We deployed MS Defender on our MacBooks towards the back end of last year. The majority of our devices are on Mojave while a couple of us test and trial Big Sur. Those of us on Big Sur are having SERIOUS problems with Defender's Real Time Protection - constant freezing up of the device with the dreaded spinning beachball of doom, mostly when switching between or interacting with windows. I've monitored CPU usage in Activity Monitor during these freeze-ups and there's no CPU resource spiking by anything as I'd have suspected. The device is barely usable during these freeze-ups and can last anywhere between 10 seconds to a couple of minutes.


Disabling Real Time Protection (or never enabling it, as you need to approve the system extension wdavdaemon in Security & Privacy to enable it) resolves the freezing up, but disabling RTP kinda defeats the purpose of having Defender in the first place.


We have a sister company that's also testing Big Sur and they're not experiencing the same troubles and problems as we are. Has anyone else experienced similar troubles, or have any guidance on where to resolve?

Posted on Jan 19, 2021 1:56 AM

Question marked as Top-ranking reply

Posted on Jan 19, 2021 5:19 AM

Read about the built-in security of macOS. Anything that Windows Defender would attempt to detect on Windows does not run on macOS (including viruses, trojans, etc.), and couldn't infect the operating system because it is on a code-signed, read-only drive partition.


The one thing that Windows Defender, as do other anti-virus applications on Mac, does well is to trigger false alerts of legitimate application and system components and interfere with the normal operation of macOS. Decades of posts in these communities are evidence of that negative. Running any anti-virus product may satisfy an IT Security policy, but will do nothing for the end user operating system experience as delivered by Apple.


Jan 19, 2021 5:32 AM in response to AndWill

We have a sister company that's also testing Big Sur and they're not experiencing the same troubles and problems as we are. Has anyone else experienced similar troubles, or have any guidance on where to resolve?

Do you have any other system modifications installed that your sister company does not?

Usually, having two different experiences would imply that you have something installed that they do not, but when it comes to AV software, it may just be the software. They are so poorly designed, what works on one computer will not work on another identically configured computer.


If you need to scan for Windows malware, perhaps ClamXAV would be a better choice for your company. However, that recommendation usually goes for using it without its real-time scanner running. I don't know how invasive it is with that enabled.

Jan 20, 2021 5:33 AM in response to Barney-15E

The ClamXAV real-time scanner is highly rated by independent testing for not being invasive; however, in order to use it to scan for Windows malware, one would have to make certain that the Advanced preference "Enable detection of non-Mac malware" is checked, which significantly increases the signature database along with the time required for manual/scheduled scans.


If the user is also running Windows on their Mac, it is recommended that the Windows VM be excluded from ClamXAV scans and a separate Windows-based AV utility be used therein.


TL;DR: the protection provided by ClamXAV against Windows malware is strictly to prevent such malware from being passed along to Windows OS users.
