Kaspersky: Apple '10 years behind Microsoft in terms of security'

Kaspersky: Apple '10 years behind Microsoft in terms of security'

Summary: Eugene Kaspersky believes Apple Mac OS X is 10 years behind Microsoft Windows in terms of security. He arguesCupertino will have to go through the security overhaul that Redmond once did.


Kaspersky Lab last week detailed why the increasing market share of the Apple Mac means more malware on the platform. Eugene (Yevgeny) Kaspersky, co-founder and CEO of the security firm, has now gone further in statement made at the Infosecurity Europe 2012 conference.

"I think [Apple] are ten years behind Microsoft in terms of security," Kaspersky told CBR. "For many years I've been saying that from a security point of view there is no big difference between Mac and Windows. It's always been possible to develop Mac malware, but this one was a bit different. For example it was asking questions about being installed on the system and, using vulnerabilities, it was able to get to the user mode without any alarms."

Kaspersky is of course referring to the Flashback malware that has infected hundreds of thousands of Macs (see links below). He then reiterated what his employees and many security researchers have been saying for years: Apple needs to step up its game.

"Apple is now entering the same world as Microsoft has been in for more than 10 years: updates, security patches and so on," Kaspersky said. "We now expect to see more and more because cyber criminals learn from success and this was the first successful one. They will understand very soon that they have the same problems Microsoft had ten or 12 years ago. They will have to make changes in terms of the cycle of updates and so on and will be forced to invest more into their security audits for the software. That's what Microsoft did in the past after so many incidents like Blaster and the more complicated worms that infected millions of computers in a short time. They had to do a lot of work to check the code to find mistakes and vulnerabilities. Now it's time for Apple [to do that]."

Kaspersky, the privately-held company, produces antivirus and other computer security products. Excluding the energy sector, Kaspersky Lab is considered one of Russia's few international business success stories. The company makes excellent security software and I have personally recommended some of its products a few times.

That being said, Kaspersky, both the man and his company, of course would benefit from a malware epidemic on the Mac. That's important to keep in mind, while acknowledging that the numbers are indeed growing and the Mac security situation is getting worse. Just how bad it's getting, and will get, is a matter of perspective.

See also:

Topics: Microsoft, Apple, Hardware, Malware, Security

Emil Protalinski

About Emil Protalinski

Emil is a freelance journalist writing for CNET and ZDNet. Over the years,
he has covered the tech industry for multiple publications, including Ars
Technica, Neowin, and TechSpot.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Tested

    As secure as OS X may claim to be, I doubt it could survive the amount and level of attacks Windows PCs must endure, and more importantly, how quickly can they respond to threats with a patch? What Flashback showed is that Apple's cone if silence can backfire against them, especially since this flaw was already patched in Oracle's version of Java.
    Jeff Kibuule
    • Apple moves to the right direction: with new OS X version, they dropped ...

      ... Java as they did this earlier with Flash.

      There was [b]never[/b] case of trojans (let alone viruses) spreading because of [i]Apple[/i]'s software vulnerabilities. So getting rid of any relation to the leaky third party software such as Java and Flash will keep Apple's status cleaner. The more so Apple lags so much at the speed they compile updates.

      However, while this decision solves Apple's PR problems, it does not solve problem of users who use Java and Flash.

      Since those types of technologies can not be run strictly in "sandbox" mode, there will be always risks of malware installed by users wilfully (though ignorantly as they might think that they are installing something useful -- as in most of trojan schemes) or even without users' decision if there are vulnerabilities in Java or Flash.

      For now, Neither Apple, nor Microsoft can do anything about.
      • From what I have read . . .

        . . . . most of the vulnerabilities are not in OS X, but in apps. Only today I read an article about 1 in 5 Macs having a Windows-based vulnerability. Now, before MS fanbois go berserk, I am not having a go at MS, so calm down! I merely use it as an example of how the problem is predominantly the apps, not OS - just as is the case with Flash. On the other hand, only 1 in 36 Macs had OS vulnerabilities (which I consider is still too high!).

        You can read the article here:
      • So what?

        With Windows the majority of issues are with third party software too. And just dropping the offending software may seem like the easy way out. But when you do that you are also dropping the customers who need to access applications reliant on said third party software.
      • Apple may sidestep the whole cycle by iOSising the desktop or drop it

        iOS doesn't have the vulnerability vectors that OSX (or any general purpose multi-interface OS) has. Rather than embark upon a lengthy and risky code upgrade to OSX, it may be easier for them to either transform the desktops down and lose their pro customers, or just ditch the whole lot, customers and all.

        After all, they have a huge consumer hardware market with a huge app market that people seem to love to want to make nothing on, but which nets Apple billlions. They are not adverse to dropping whole swathes of customers.

        The only problem with dropping OSX is that they would end up with an even narrower product range, making them even more dependent upon fickle consumers, and they know that it would only take some new (and actually revolutionary) gadget from another company and their markets would suddenly lose customers, leaving them with huge inventory bills.

        That is the problem of trying to appeal to those with disposable income. They don't 'need' such products, but just 'want' them, which means they are not really committed (other than the line waiters plus extras) and can quite easily switch to whatever new thing can relieve them of their discetionary cash.
      • Silly talk about just dropping Java et al

        OSs are infrastructure. Java is also infrastructure for lot of apps.

        Dependence upon these things is usually built up over a long period and it is not easy to make changes without a lot of time and expense.

        In some cases, if the Java apps are critical, it may be easier to change the OS and hardware than the dependency upon the apps. I am not talking about play apps here, but BI and serious enterprise infrastructure which relies upon cross-platform Java-based clients.
      • Mis-information

        I have first hand experience with trojans and viruses on Mac's. Talk to any certified Apple tech and they'll be happy to inform you. Your ignorance is why this is such a big problem. Apple has been very successful at using public relations and marketing to obscure their security problems, but no longer.
      • Hogwash!!

        On the contrary, it is *Apple's* insistence on using its *own* Java runtime that caused it to lag far behind in patching Java on OS-X.
    • Bring it!

      Click bait, but seriously, you have no comprehension of the security differences between the initial release of XP and any version of *nix, Apple or otherwise (or any release of Windows since XP SP2).
    • The OS would fall in seconds, its been proven time and time again.

      The reason that the OS has seemed so secure to the average user over the past years was only due to the fact that nobody was writing malware for it. Now that it has a more decent marketshare the number of attacks will increase significantly. All the supposed "advantages" of OSX will disapear in a short time as they have to beef up the OS to be secure aswell.
  • Dunno about 10 years . . .

    Dunno about 10 years, but it is the case that Apple may have been a bit too overconfident that its security was due to its technology rather than due to its user base.

    Now that Apple is exploding, the truth of this claim will really be put to the test.
    • Apple isn't exploding!

      At least not with OS X. iOS and their tablets and phones are exploding. But Windows still dominates with 90% market share. OS X still hovers around 6-7%.
  • apple future not so bright.

    Apple has maxed out, for them the only way is downhill. With only ipad and iphone and zero business products apple may go back to the spot where it was five years ago.
    • I suggest you keep your day job

      And forget about a new career as an business investment analyst.
      • I suggest you keep your day job

        And forget about a new career as an business investment analyst.

        And I'll second that. Apple's recent profit earnings make @owlnet a p!ss-poor investment adviser.
    • Apple future brighter than you think

      Hey! genius! Do you know how to read? Apple's doing great in business.. and it hasn't even begun to try yet. Did you know Apple makes computers too? They're called Macs, and they have outgrown the PC market every quarter for the past 7 years... going downhill indeed! The only thing going downhill may be your personal ability to connect the dots.
      • The point

        is that Apple may, i say again may, have not gotten hit quite as hard by viruses which could mean they are not prepared but who knows. Apple has the advantage to look at what Microsoft did and make changes that they need to quickly. I doubt it will ever be as bad as Win98 was with viruses for any OS ever again because most devs no what not to do these days.
      • Laws of gravity

        What goes up must go down. Its not a matter of IF, but WHEN.

        Just remember IBM, Sony, Microsoft, etc etc.

        Right now Apple has momentum and probably will last another 3-5 years. After that, who knows.
      • Statistics & Numbers

        10% may be a larger percentage than, say, 1%.... but 10% of 100,000 (10,000) is less than 1% of 10 million (100,000). So it would have been nice for you to provide some numbers showing higher Mac sales than Wintel sales in the Enterprise/Business markets.

        Not to mention that the last time I saw a Mac or Apple product used in the workplace -- other than as an administrator's smartphone to be reached while out of the office -- was... oh that's right... [b]never[/b]. Of the 9 employers I've worked for (both private & public sector) since graduating from college, [b]none[/b] of them use Macs for desktops or laptops. They've all been Wintel machines. And we're talking about a range of company size from small business (less than 30 employees) to national/international companies & agencies with thousands to tens of thousands of employees.
  • Never

    Windows have seen many wars and won. Apple is the noob that just joined the military. There will be a lot of tears, and OSX will wish it was back in his mommy's arms.

    Strange analogy...but true. OSX is not a man enough yet...it will take some time to turn the hipster into a real man :P