On CHOW: When to unfriend
BNET Business Network:
BNET
TechRepublic
ZDNet

September 16th, 2008

Even Mac users have to patch

Posted by Adam O'Donnell @ 2:47 pm

Categories: Apple, Malware, Patch Watch, Zero-day attacks

Tags: Apple Macintosh, Vulnerability, Microsoft Windows, Desktops, Security, Operating Systems, Software, Hardware, Adam O'Donnell

If you have a Macintosh you have likely received notice of the 10.5.5 update that arrived yesterday. The update includes multiple security fixes that should not be ignored, including vulnerabilities in common file parsers. Mac users and Windows users alike should patch their desktops as soon as possible when new patches arrive.  When a Windows vulnerability is announced and patched, you can be reasonably sure that an exploit will be discovered in the wild in a short period of time. This was certainly the case for the MS08-053 vulnerability that was announced earlier this month and is currently being exploited in the wild. Unlike Windows users, Mac users can be reasonably certain that they have some breathing room before exploits appear for the newly announced vulnerabilities. Mac users would like to believe this has to do with their platform being more secure, but really it comes down to a question of market share and attacker effort.

Like all other limited resources, people try to allocate their time to whatever endeavor they believe will generate the greatest utility at that point in their lives. This rule obviously holds true for attack authors in our world of monetized malware. When faced with the opportunity to write an attack against Windows or an attack against OSX, they almost always choose the former. It is not because writing Windows malware is less difficult, but rather because they are guaranteed to generate more revenue from a novel Microsoft vulnerability than they will from a novel Apple vulnerability.

For now, Mac users can be relatively confident that they can hold off patching for a few days without being attacked. This will no longer hold true as Apple’s market share improves. It is possible to show using game theory that a tipping point exists where Mac users will start facing the same patch pressure experienced by Windows users, assuming that current purchasing trends continue. While it is difficult to name a specific day and time, there will be a point where Mac users, like today’s Windows users, will regret not rapidly applying security updates.

Adam O'DonnellAdam J. O'Donnell, Ph.D. is an R&D engineer who has focused on computer security since 2000. He currently is the Director of Emerging Technologies at Cloudmark, a messaging security company located in San Francisco. See his full profile and disclosure of his industry affiliations.

Email Adam O'Donnell

Subscribe to Zero Day via Email alerts or RSS.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?

  • Talkback
  • Most Recent of 25 Talkback(s)
Yup, very true
Apple is notorious of being months late in releasing critical patches. Just look at Pwn2Own, a 6 month old vulnerability that Apple had failed to release was used to take over the Apple machine.
... (Read the rest)
Posted by: rtk Posted on: 10/28/08 You are currently: a Guest | | Terms of Use
Market share improves?  tonymcs@... | 09/16/08
You really are clueless aren't you?  gtdworak | 09/17/08
What makes you think that?  daMan25 | 09/17/08
"your coveted Windows in droves. " - lol  USTechHead | 09/18/08
10% = droves??  gabrielbear@... | 10/27/08
Please provide evidence....  mrlinux | 09/17/08
That has nothing to do with Apple's OS  daMan25 | 09/17/08
I was replying to the persons comments...  mrlinux | 09/17/08
By that reasoning, all exploits would attack Macs  zato_3@... | 09/17/08
RE: Even Mac users have to patch  DannyO_0x98 | 09/16/08
Even Mac users?  3monkies | 09/30/08
lmao...  Yax_to_the_Max | 09/30/08
Haaaa  3monkies | 09/30/08
RE: Even Mac users have to patch  jack4ireland | 09/18/08
Let the FUD begin  rag@... | 09/30/08
really  Yax_to_the_Max | 09/30/08
Ummmmm? ok.  3monkies | 09/30/08
That's nice, but...  konkreet | 09/30/08
Wow  3monkies | 09/30/08
Ill will?  konkreet | 09/30/08
Exactly!  Richmedia | 10/24/08
RE: Even Mac users have to patch  richdave | 09/30/08
Finally!  3monkies | 09/30/08
nope, not true RE: Even Mac users have to patch  ralphrides | 10/27/08
Yup, very true  rtk | 10/28/08

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement

Recent Entries

advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Click Here