Kaspersky Lab CTO Says Mac OS is ‘Really Vulnerable’

As reported by Computing, Apple has requested that security corporation Kaspersky advise it on the security of the Mac OS. It has been publicly advertised that OS X is the most secure operating system available today, but Kaspersky Lab CTO Nikolai Grebennikov begs to differ. Apparently the OS is actually much more insecure than most would believe and Grebinnikov told Computing exclusively that it’s “really vulnerable.” Read on for additional details.

“Mac OS is really vulnerable,” he claimed, “and Apple recently invited us to improve its security. We’ve begun an analysis of its vulnerabilities, and the malware targeting it,” said Grebennikov.

The CTO further claims that he believes Apple doesn’t take their security seriously enough, hinting that there may be vulnerabilities aplenty within the deep secrets of the Cupertino-based corporation’s increasingly-popular operating system.

Grebennikov claimed that, in his personal view, Apple does not take security seriously enough.

“Our first investigations show Apple doesn’t pay enough attention to security. For example, Oracle closed a vulnerability in Java, which was a target for a major botnet several months ago.”

We’ve all known that Apple’s platform is far from being completely secure — trojans like that of Flashback from last month are an example of this. With the number of users increasing at a steady pace, more and more experts are beginning to question whether Apple’s OS will be able to keep its superb security record. I personally don’t think they can unless they start stepping up the game on security.

There are many areas in which Apple can improve how they manage the secureness of their OS, faster updates being the most crucial. The Flashback trojan, for instance, took them a good two to three months — from the time the issue was originally discovered — to release, which is absolutely ridiculous. Oracle, developer of the Java runtime, had released a patch for this issue a short time following its discovery, seeing that it was vital users get it before their machines become infected.

“Apple blocked Oracle from updating Java on Mac OS, and they perform all the updates themselves. They only released the patch a few weeks ago – two or three months after the Oracle patch. That’s far too long,” [Grebinnikov] said.

It’s time that Apple did take a much deeper look at their security, not only to improve things a bit, but also to ensure that users don’t need to worry about such viruses as the Flashback. The Mac is not impenetrable and hackers know it, but thankfully Apple has asked Kaspersky to consult them on security — this is not confirmed by Apple themselves, just by the CTO of the security company.

What do you think of Mac security? Does it need to be improved or should Apple continue to be slow at releasing critical updates?

[Computing]

Post a response / What do you think?