Results 1 to 5 of 5

Mac Users More Vunerable than Windows Users.

This is a discussion on Mac Users More Vunerable than Windows Users. within the Apple forum, part of the PC; Expert: Mac users more vulnerable than Windows users | Macworld In the face of new threats aimed at OS X, ...

  1. #1
    INTJ
    Ps360's Avatar


    Join Date
    Sep 2011
    Posts
    10,517
    Reputation
    264

    Mac Users More Vunerable than Windows Users.

    Expert: Mac users more vulnerable than Windows users | Macworld


    In the face of new threats aimed at OS X, a security expert said that Mac users may be even more vulnerable than Windows users who are more likely to be running up-to-date anti-virus programs. Graham Cluley of Sophos says that many Mac users are missing a “valuable safety net.”

    Mac users should make sure that they have some form of protection, Cluley said. However, keeping your computer safe from cybercriminals isn’t just a case of having anti-virus programs installed. It’s about making sensible choices as well.

    “As we have seen on the Windows platform, the majority of the attacks do not exploit any weakness in the operating system, but instead take advantage of the bug in people’s brains,” Cluley told Macworld UK. “Mac users can be just as easily duped as their Windows cousins into making poor choices, and could end up infected as a result.

    “The only difference is that if you’re running Windows, you’re much more likely to have protected yourself with up-to-date anti-virus software which acts as a valuable safety net.”

    Cluley’s comments come in the wake of the discovery of a new threat that bypasses OS X’s built-in security protection features. Last week, AlienVault reported that it had encountered a malicious Microsoft Office for Mac file that on the surface appeared to be targeting non-governmental organisations in Tibet.

    “A remote code execution vulnerability exists in the way that Microsoft Office Word handles a specially crafted Word file that includes a malformed record,” wrote Jaime Blasco on the AlienVault Labs blog. “An attacker who successfully exploits this vulnerability could take complete control of an affected system.”

    Fellow security firm Intego in a blog post last Thursday, warned that it was necessary to make sure you keep all software updated—not just anti-virus programs—as though this attack seemed to be targeted, it could be adapted for use against other OS X systems.

    “These Word documents exploit a Word vulnerability that was corrected in June, 2009, but also take advantage of the fact that many users don’t update such software,” said the Intego blog post. “Word 2004 and 2008 are vulnerable, but the latest version, Word 2011 is not. Also, this vulnerability only works with .doc files, and not the newer .docx format.”

    The Intego post goes on to say that, “This malware is fairly sophisticated, and it is worth pointing out that the code in these Word documents is not encrypted, so any malware writer who gets copies of them may be able to alter the code and distribute their own versions of these documents.”

    Sophos’ Cluley warned that OS X would not protect against these attacks, which can be used to open up a Mac to further malware.

    “Don’t be fooled into thinking that you are protected by Mac OS X itself, which will ask for an administrator’s username and password to install software,” said Cluley. “You won’t see any prompt for credentials when this malware installs, as it is a userland Trojan. Neither the /tmp/ nor /$HOME/Library/LaunchAgents folders on Mac OS X require root privileges—meaning that software applications can run in userland with no difficulties, and even open up network sockets to transfer data.”

    Meanwhile, F-Secure reports that it has encountered a variant of the Flashback Trojan that takes advantage of a vulnerability in Java had been seen in the wild.

    The Java vulnerability has actually been patched by Oracle, though only for systems running Windows—neither Oracle nor Apple have released a fix for OS X yet. In order to stop the attacks becoming an “outbreak,” F-Secure recommends disabling or removing Java from OS X.

    Instructions on how to remove Java from OS X Lion can be found on this website. F-Secure also offers instructions on how to disable Java.

    Free anti-virus programs for Mac are offered by Sophos and Avira, while most other security firms offer paid-for versions for Mac.


    anyone who tells you a mac is more secure is lying.



  2. #2
    Get bent...
    Tyrion619's Avatar


    Join Date
    Sep 2011
    Location
    SoCal
    Posts
    876
    Reputation
    67

    You act as though Mac users didn't know this.

    Mac users don't necessarily think that their system is more 'secure', it's more of a "hackers don't like Macs, so we're safe" mentality.

    Windows-based PCs dominate the market, therefor everyone (just about) has one. Hackers know this.

    Hacking a Mac, while probably no more difficult than a PC, is more or less a waste of time to hackers. They just don't bother with Macs. There's no reason to.

    Unless they want to take out Pixar.

    That's why Macs have the 'illusion' of being more secure...

  3. #3
    illegal in 9 countries
    ant1th3s1s's Avatar


    Join Date
    Sep 2011
    Location
    Ōsutoraria
    Posts
    3,278
    Reputation
    493

    Beware Mac users running old Microsoft software...yawn.

    This only works in Office 2009 for Mac...and wait...only works on .doc, not .docx...and, and, and...only works if you received and are stupid enough to open a specific .doc file with a malformed header sent by Nigerian royalty to assist in transferring millions to your account....and...gotcha!...both Mac users who meet these criteria are infected.

    Java Runtime isn't installed on OS X Lion by default, so the second viral pandemic is once again averted...

    Checking for and removing the "Flashback" trojan

    What happened?

    As we all know by now, someone exploited a bug in Oracle's (originally Sun Microsystem's) Java software to finally run some malware on MacOS X after 12 years. As can be expected with anything involving Apple, the media picked up the story and shouted it from the rooftops. In truth, the malware was exceptionally weak and actually showed the strength of the MacOS X security architecture. It was confined to only the user-level environment where it could do very litlte damage. Nevertheless, damage was done.

    Apple has released an update to Java and an automatic removal tool to hopefully give us all another 12 years of security smugness.

    What do you need to do?

    You may not need to do anything. Apple actually stopped including Java in MacOS X Lion last year. If you don't already have Java, don't install it now.

    1) Run System Preferences > Software Update > Check Now and wait. It may say there are no updates for you. That's fine. If you do get a Java update, it will automatically remove the Flashback malware.
    2) If you had already followed advice and disabled Java in your web browser, you can re-enable it now. In Safari, go to Safari > Preferences > Security > and make sure "Java" is checked.
    3) Go to Java's Test Page. See if it has an image that looks like this:
    4) If you do have the image displayed above, then you're done.
    5) If the above image is not displayed, then you never had Java to begin with. If you ever do need Java, MacOS X will download the latest version automatically. You're still done.
    ...thank God Apple already thought of that!

    As NIAT pointed out, Macs are less vulnerable by simple virtue that it's not worth a hacker's time to target a relatively small userbase in comparison to Windows installations. It's always been that way.

    Give Mac users some credit. Most are professional, intelligent people who use them in a secure work environment and already know this shit. And anti-virus software exists for Macs too, all computers should have it installed.

    How many viruses affect pre-June 2009 versions of Windows? Keep trying PS360...
    Last edited by ant1th3s1s; 04-20-2012 at 12:25 AM.

  4. #4
    PRO Member
    Gauss's Avatar

    Join Date
    Sep 2011
    Posts
    1,166
    Reputation
    77

    The only difference is that if you’re running Windows, you’re much more likely to have protected yourself with up-to-date anti-virus software which acts as a valuable safety net
    I really think this is all you need to worry about with Mac users.

    Because of how Mac has marketed itself, many customers are truly being misled. The problem is I can't really blame anybody but the customer for that because the Apple approach is actually more secure than the old-school Windows approach when comparing them evenly.

    Apple is trading off capability for security... You can't argue with that. Problem is just Apple markets it as "we are invulnerable" rather than "we are safer." You can still hack a Mac and Mac's can still get spyware and malware. Its just more difficult to do anything other than monitor because Apple "locks out" every program from cross-interaction.

    I say old-school Windows approach because Windows security has been getting smarter. Starting with Windows 8, traditional security concerns in Windows are going to start significantly diminishing.

    Heck, Windows 8 tablet is going to be more secure than Android and equally as secure as iOS.
    Gauss's Piracy Uncertainty Principle: When you pirate a game, that act inherently changes the results of what is to come after your pirating. You can't make any statement with any certainty regarding what would have happened had you not pirated the game.


    Gauss's Rating Rationale:
    0-1: A game whose very existence is abhorrent to all things creative and intelligent.
    2-4: A just plain bad game.
    5-6: A game that has alot of mistakes, but is atleast playable and has some enjoyable sections. Good for a rent.
    7: An average game, should be played at some point
    8: A good game, should buy at some point
    9: A great game, day-one purchase
    10: A game that goes above and beyond the generation, its transcendent.

  5. #5
    Saints Row IV
    brAvEhEaRtDC's Avatar


    Join Date
    Feb 2012
    Location
    Okinawa,Japan
    Posts
    1,616
    Reputation
    33

    Quote Originally Posted by Gauss View Post
    I really think this is all you need to worry about with Mac users.

    Because of how Mac has marketed itself, many customers are truly being misled. The problem is I can't really blame anybody but the customer for that because the Apple approach is actually more secure than the old-school Windows approach when comparing them evenly.

    Apple is trading off capability for security... You can't argue with that. Problem is just Apple markets it as "we are invulnerable" rather than "we are safer." You can still hack a Mac and Mac's can still get spyware and malware. Its just more difficult to do anything other than monitor because Apple "locks out" every program from cross-interaction.

    I say old-school Windows approach because Windows security has been getting smarter. Starting with Windows 8, traditional security concerns in Windows are going to start significantly diminishing.

    Heck, Windows 8 tablet is going to be more secure than Android and equally as secure as iOS.
    What gauss said is right!
    Epic avatar by PixieOfDarkness!
    Epic signature by spanishstoat


    Click on my Signature to check my website




Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


All times are GMT -5. The time now is 02:56 PM.
Powered by vBulletin® Version 4.1.10
Copyright © 2014 vBulletin Solutions, Inc. All rights reserved.
Search Engine Optimization by vBSEO