Security 'holiday is over' for Mac users, security researchers say

Computerworld - The flurry of security issues involving Apple’s Mac OS X over the past few days once again hammers home the fact that no technology platform is invulnerable to attacks, whatever the perception might otherwise be, security analysts said.

All it takes is a certain level of interest on the part of hackers and security researchers to increase the threats associated with any platform, they said.

“All software has bugs, and a certain percentage of those bugs will be security vulnerabilties,” said Ira Winkler, an independent security analyst and author of the book Spies Among Us.

And given enough of an installed base and interest in a technology, the likelihood of such vulnerabilties being discovered also increases significantly, said Pete Lindstrom, an analyst at Spire Security LLC in Malvern, Pa.

“In Apple’s case, you can credit the media and all those folks who said the [OS X] platform was inherently secure” for drawing attention to it, Lindstrom said. Also playing a big part is the publicity surrounding Apple’s recent decision to move to Intel’s microprocessors, analysts said.

Collectively, four separate pieces of malware targeting Mac OS X have emerged since Feb. 13. The first one, known as Leap.A, was not fully functional and was limited in scope and impact, said Ken Dunham, director of the rapid response team at iDefense, a Versign Inc. company based in Reston, Va. The second family of Mac OS X malware consisted of a similarly low-risk, proof-of-concept code, named Inqtana, and two variants that attempted to spread over a Bluetooth vulnerability in Mac OSX 10.3.9.

In addition, earlier this week a critical new -- and as yet unpatched -- vulnerability was discovered in Apple’s Safari Web browser. The flaw, discovered by Michael Lehn, a graduate student at the University of Ulm in Germany, allows for arbitrary code to be executed on a user's system simply by visiting a malicious Web page.

Though none of the threats are considered especially serious, the emergence of such code is significant all the same for Apple users, Dunham said.

“It shows increased activity and viability for future Macintosh-based threats on the Mac OS X platform,” Dunham said, pointing out that the last major Macintosh threat was the Autostart worm in 1998.

“As a result, many Macintosh users are more likely to be complacent toward computer security and therefore are more likely to be vulnerable to any future threats that emerge against the Macintosh operating system,” he said.

“For some Mac users, this can be somewhat of a wake-up call,” said Craig Schmuger, virus research manager at McAfee Inc. Going forward, Macintosh users can almost certainly expect to see an increase both in the number of vulnerabilities discovered in the technology and in code designed to exploit them, Schmuger said.