The debate resumes over Mac security

The Mac community this week has been debating an updated Knowledge Base article on Apple's Web site that raised questions about the company's stance on security. The recent update, which was pulled down on Tuesday, originally recommended that users install at least one antivirus software app. It was an odd statement given that Apple has often bashed rival Windows for being less secure than Mac OS X.

Apple removes antivirus support page

The whiplash nature of the document's publication and its oh-so-quick removal renewed an age-old debate: just how secure from malware is the Mac operating system? After all, if Apple was changing its stance, should users now be worried? Adding fuel to the fire were recent reports about the release of a Mac-based Trojan horse.

Intego warns of new Trojan

Security vendor Intego released an advisory about the Trojan on Tuesday: "This new variant, like the initial RSPlug.A Trojan horse, has been found on pornographic web sites.... When a user visits an infected site, and attempts to view a video, they are alerted that there is a 'Video ActiveX Object Error' and is told that their 'Browser cannot play this video file.' The alert instructs the user to download the 'missing Video ActiveX Object.' If the user clicks OK, a disk image downloads. Depending on the user's browser settings, this disk image may mount and launch automatically, commencing installation. If the user clicks Cancel when the Video ActiveX Object alert displays, however, they receive another alert saying, 'Please install new version of Video ActiveX Object.' This alert only allows the user to click OK, returning them to the first alert. The only way to get rid of these alerts is either to download the infected disk image, or quit the browser."

Intego finds new variant of RSPlug Trojan Horse

Each of these incidents -- the Knowledge Base article and the Intego warning, both of which came to light within a day of each other -- raised fears that Mac OS X might now be vulnerable to malware, and might now need extra security software to account for internal flaws. Some security researchers posited that Apple had finally wised up to the ways of the world. Others dismissed the Knowledge Base brouhaha as nothing new. Caught in the middle were Mac owners left wondering whether their favorite Mac was suddenly vulnerable.

So is it?

Spoiler alert: No. The BSD code underpinning Mac OS X goes a long way toward preventing malware problems -- as any Linux and Unix user can attest -- and there's a decided lack of interest in the Mac from cybercriminals. Apple has made major gains in recent years, but still has less than 10% of the operating system market share. There are many more PC users, making the payoff for cybercriminals that much greater if they target Windows.

Mac OS X inherently secure

In Computerworld's OS Smackdown, I touted the inherent security of Mac OS X as a major selling point, given that Macs are less susceptible to virus outbreaks than Windows-based PCs. Given the rarity of Mac exploits and the lengths malware authors must go to if they hope to successfully breach the Mac OS, I'd say nothing has changed since then. There are still no reports of self-propagating malware that can automatically infect a Mac by installing itself and then spreading itself to other computers. Even this latest Trojan horse requires visits to Web sites that almost anyone would be wary of and requires an administrator's password to actually install malicious code.

For more enterprise computing news, visit Computerworld. Story copyright Computerworld, Inc.