Security threats Toolkit

McAfee bites into Apple security

Tags:
Apple Mac Osx,
Chips Apple Intel

Tom Espiner ZDNet.co.uk

Published: 05 May 2006 17:20 BST

Antivirus vendor McAfee has pushed into the Apple security space with a new product aimed at Mac users, McAfee VirusScan for Mactel.

McAfee launched the product on Friday, and claimed that the Apple Mac OS X is "just as vulnerable" as other operating systems to targeted malware attacks.

To back up this statement, McAfee cited the release in March of a patch that fixed twenty vulnerabilities in OS X. But although a proof-of-concept worm that targeted the OS X platform was also discovered earlier this year, many more flaws were discovered in Microsoft products over the same period.

McAfee admitted that Mac users were at "no significant risk" at the moment. But the security vendor also claimed that if the OS X user base expands — thanks to the popularity of the iPod and the new range of Intel-powered Mac — then it will become a more tempting target for organised criminals.

"Historically Microsoft has been targeted because it has had dominant market share. As there are more Apple users [in the future], more threats will appear," Sal Viveros, security expert at McAfee, told ZDNet UK.

"At this point there is very little research [into OS X vulnerabilities], and very few people trying to exploit the OS. You have a lot more people trying to find vulnerabilities in Windows at the moment, but we believe that as more people put the time into finding vulnerabilities in Apple OSs, they will become just as vulnerable as any other OS," Viveros added.

Some Apple users have reacted angrily in the past to claims that the Mac platform is becoming less secure, pointing out that Microsoft regularly releases critical patches.

But security monitoring company Secunia said that it also believes that hackers are likely to focus more resources on finding vulnerabilities in Mac OS X.

"Windows still has a much larger user base than Mac, and is therefore much more interesting to find vulnerabilities in," said a Secunia spokesperson. "However, the interest in finding vulnerabilities will increase if the popularity of Mac systems grows. We have seen the same increase in discovered vulnerabilities in the Mozilla and Firefox browsers as they increased in popularity."

Secunia added that Mac OS users are far less at risk than Windows users from blanket attacks, but said they were just as vulnerable to targeted attacks.

"For large-scale attacks, the risk seems smaller than other operating systems, considering the user-base size. However, it is just as prone to small and direct attacks as other OSs."

Mac OS X has so far proven to pose far fewer security problems to users than its more popular rival. Apple has argued that this is partly due to its code base being inherently more secure than that of Windows. BSD, the Unix variant at the heart of OS X, was designed from the outset to be a networked, multi-user system with levels of security, while Windows comes from a tradition of single-user, non-networked systems.

Some experts have also argued that because OpenBSD is open source, it has been scrutinised by more people than Windows.