Your Mac Isn’t As Safe As You Think

You went into your local computer shop, a lovely sales man greeted you and inspired you to buy the more expensive MacBook Pro over the cheaper HP laptop. The Mac looked clean and slick; the sales man showed you the great web cam on it and let you play with the different effects and the two finger scrolling. Then he told you wouldn’t have to worry about viruses or anti-virus programs ever again since Macs are virus proof ……. and you were sold. Well hate to break it to you, they’re not…..

Well really, Macs have never been virus proof, nothing is, the only reason people say they are is because there are very few known vulnerabilities, simply because people don’t try and exploit them. I’m sure you always hear of PC & Windows users having infected PC’s and system crashes. Well the reason there appears to be so many vulnerabilities for the Windows Operating System is because it holds over 90% of the market, Mac holds roughly 5%.  Mac avoids virus attacks and gains security through obscurity. Hackers will always aim to infect more people, and since the majority of users are running Windows, that’s where they focus their attacks.

Now Proof of concept code has been revealed by a security researcher at SecurityReason to demonstrate a vulnerability in versions 10.5 and 10.6 of Apple’s Mac OS X operating system. The vulnerability is a potential buffer overflow error arising from the use of the strtod function Mac OS X’s underlying Unix code. It was first reported by researcher Maksymilian Arciemowicz last June.

Securityreason has also said that this flaw was also apparent in Firefox and Google Chrome. However both these programs released updates to patch these vulnerabilities. Apple on the other hand has issued no such patch, even though this security flaw has been known since June. SecurityReason’s advisory rates the vulnerability’s risk as “high” and claims that the flaw can be exploited by a remote attacker.

I won’t go into the ins and outs of the vulnerability, for the simple reason that I can’t even understand it completely. But what I really aim to do with this article is raise awareness for all our Mac readers. Just be aware that you’re not completely “Virus Proof ” nobody is, but just be a bit more cautious when opening email attachments, especially when you don’t know who there from, and turn on the OSX Firewall, it was put there for a reason. Source: Securityreason Informationweek

, , , , , , , , , , , , , ,

One Response to Your Mac Isn’t As Safe As You Think

  1. Michael Lankton January 13, 2010 at 9:40 pm #

    The vulnerabilities of OS X don't fall into the virus category. OS X is a unix-like os, and is vulnerable to the same type of exploits that any other unix is. These fall into two categories: trojans and exploits that grant a remote user root permissions. Same goes for linux or Solaris.

    The difference between the types of exploits that OS X is vulnerable to and the danger you face using ANY Windows machine on a network are pretty black and white. Malicious code in a web page is not going to hose a Mac the way it can a PC. On a Mac you are not going to get infected from an email virus.

    There is no perfectly safe machine or operating system except the one that is not connected to any kind of network. The advantage of the Mac is that you are not going to have to worry about 99% of the potential infectors on the web because they are aimed at Windows machines.