McAfee bites into Apple security

McAfee bites into Apple security

Summary: The antivirus vendor claims that Macs are 'just as vulnerable' as Windows PCs, but admits there is no significant risk to Mac users at the moment

SHARE:
TOPICS: Security
2

Antivirus vendor McAfee has pushed into the Apple security space with a new product aimed at Mac users, McAfee VirusScan for Mactel.

McAfee launched the product on Friday, and claimed that the Apple Mac OS X is "just as vulnerable" as other operating systems to targeted malware attacks.

To back up this statement, McAfee cited the release in March of a patch that fixed twenty vulnerabilities in OS X. But although a proof-of-concept worm that targeted the OS X platform was also discovered earlier this year, many more flaws were discovered in Microsoft products over the same period.

McAfee admitted that Mac users were at "no significant risk" at the moment. But the security vendor also claimed that if the OS X user base expands — thanks to the popularity of the iPod and the new range of Intel-powered Mac — then it will become a more tempting target for organised criminals.

"Historically Microsoft has been targeted because it has had dominant market share. As there are more Apple users [in the future], more threats will appear," Sal Viveros, security expert at McAfee, told ZDNet UK.

"At this point there is very little research [into OS X vulnerabilities], and very few people trying to exploit the OS. You have a lot more people trying to find vulnerabilities in Windows at the moment, but we believe that as more people put the time into finding vulnerabilities in Apple OSs, they will become just as vulnerable as any other OS," Viveros added.

Some Apple users have reacted angrily in the past to claims that the Mac platform is becoming less secure, pointing out that Microsoft regularly releases critical patches.

But security monitoring company Secunia said that it also believes that hackers are likely to focus more resources on finding vulnerabilities in Mac OS X.

"Windows still has a much larger user base than Mac, and is therefore much more interesting to find vulnerabilities in," said a Secunia spokesperson. "However, the interest in finding vulnerabilities will increase if the popularity of Mac systems grows. We have seen the same increase in discovered vulnerabilities in the Mozilla and Firefox browsers as they increased in popularity."

Secunia added that Mac OS users are far less at risk than Windows users from blanket attacks, but said they were just as vulnerable to targeted attacks.

"For large-scale attacks, the risk seems smaller than other operating systems, considering the user-base size. However, it is just as prone to small and direct attacks as other OSs."

Mac OS X has so far proven to pose far fewer security problems to users than its more popular rival. Apple has argued that this is partly due to its code base being inherently more secure than that of Windows. BSD, the Unix variant at the heart of OS X, was designed from the outset to be a networked, multi-user system with levels of security, while Windows comes from a tradition of single-user, non-networked systems.

Some experts have also argued that because OpenBSD is open source, it has been scrutinised by more people than Windows.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • WARNING!! Don't use any other OS apart from windows!! The sky will fall in on you, may you burn in hell, blah blah blah. Oh, but if you must, this sounds rather like a thinly- veiled challenge for hackers to turn their attentions towards Mac.
    anonymous
  • Historically, Microsoft has been vulnerable to more attacks because of it's broken security model. An OS which separates user and administrator roles is more robust than one which tacks on security as an afterthought. The commercial reasons for McAfee and Secunia wanting to raise fears about OS vulnerabilities in potential new markets should not be ignored
    anonymous