Security Firms: “Mac OS X Invulnerability a Myth”


Sick Mac

With increasing reports of malware and software exploits, users of Apple computers must now face the realization that “Mac OS X Invulnerability is a myth,” according to internet security firm Kaspersky Lab, which held a press conference Thursday morning as reported by ArsTechnica. The growing Mac marketshare has made the platform a target for increasingly high-profile attacks, most recently and notoriously in the form of the Flashback trojan.

Kaspersky, which offers anti-virus software for OS X, did acknowledge Apple’s steps to increase the security of its operating system by migrating towards an optional iOS-like controlled environment in its forthcoming OS X 10.8 Mountain Lion release, but fears Apple’s efforts may not be enough. 

Mountain Lion’s Gatekeeper feature, which allows a user to restrict applications on their Mac to those obtained from the Mac App Store and/or those from certified Apple developers, will greatly increase the security of the OS X platform. However, Kaspersky still believes that future vulnerabilities will be discovered in Apple’s software and that a “cat and mouse” game between nefarious hackers and Apple security teams should be expected for the foreseeable future. 

A bit of good news came from Kaspersky’s press conference: the firm now states that only 30,000 Macs remain infected with the Flashback trojan, down from a high of over 600,000 at its peak.

Kaspersky Flashback Infections

In related news, anti-virus firm Trend Micro revealed (PDF) Tuesday that Apple software suffered more security vulnerabilities in the first three months of the year than that of any other company, with 91 reported vulnerabilities compared to only 43 for primary rival Microsoft.

Trend Micro Number of Vulnerabilities

Chart by The Mac Observer from Trend Micro data.

In a sign that Apple is not standing still on security issues (or that its software is highly vulnerable, depending on the perspective), Trend Micro’s report also revealed that Apple patched 83 bugs and security flaws in its Safari 5 web browser, a record number.

Teaser graphic via Shutterstock.