Patch/Configuration Management, Vulnerability Management

OS X still safer, but not perfect

Machines powered by the Macintosh OS X remain more secure than other those running under other platforms, but the increasingly popular Apple version does contain software flaws that will continue to draw the attention of attackers, a new Kaspersky Lab analysis piece says.

Researcher Claudiu Dumitru says in the paper that while the number of Mac OS X vulnerabilities in operating system software has diminished from 38 in the first half of 2005 to 24 over the same time period this year, the number of application vulnerabilities steadily is increasing.

Comparing the first half of 2005 with the first half of this year, the number of flaws in the Safari browser increased from 2 to 6, the amount of Mail bugs shot up from zero to five and the number of QuickTime vulnerabilities skyrocketed from one to 16.

Meanwhile, this year marked the first time Mac OS X malware appeared. In February, researchers discovered the operating system's first worm, named OSX/Leap.A – an iCHAT worm that was capable of infecting applications.

Five days later, another worm appeared that spread via Bluetooth. Three days later, two zero-day, proof-of-concept exploits were revealed – one targeting the Safari browser, the other the Mail application.

Dumitru warned people to be on the lookout for more Mac security issues.

"Apple's small share of the global personal computer market has, until now, protected Macs from the unwanted attention of malware authors," he says. "However, as Apple systems become more popular, this will change. Once critical mass is reached, more malware will undoubtedly start to appear."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.