Study: Apple’s Exposure to Net Threats Rises

As part of its current ad campaign, Apple suggests that Macs aren’t vulnerable to the same Internet security problems PCs are.

But according to a new study by security vendor Symantec, the number of vulnerabilities identified in Apple’s Safari browser in the first half of 2006 doubled over the prior six months—and it increased its window of exposure to Net-based exploits from zero days to five.

Microsoft’s Internet Explorer browser still has a longer window of exposure—the time between when code exploiting a vulnerability appears and when a fix is available—and a greater total number of security holes. But Apple “is headed in the opposite direction” with respect to its browser’s vulnerability to Internet-based threats, says Dave Cole, director of Symantec’s Security Response team.

Baseline contacted Apple last week requesting comment on the Symantec study, but the company did not provide a response by our Friday deadline.

The tenth edition of Symantec’s twice-yearly Internet Security Threat Report, to be released Sept. 25, analyzes network-based attacks and known software vulnerabilities for the first six months of 2006.

According to the report, the window of exposure for Apple’s Safari browser increased from zero days in the second half of 2005 to five days in the first half of 2006. The number of vulnerabilities identified for Safari doubled, to 12 in the first half of 2006 compared with six the preceding six months.

Meanwhile, Internet Explorer’s window of exposure declined, from 25 days in the second half of 2005 to nine days in the first half of 2006. Vulnerabilities for IE increased for the most recent period, to 38 from 25. Cole says Microsoft cut IE’s exposure window by issuing several “out-of-cycle” patches this year (Microsoft normally releases software updates on the second Tuesday of each month, so-called Patch Tuesday).

Apple’s marketing campaign implies Macs are not vulnerable to the same kinds of Internet security threats that Windows PCs are. In a recent Apple TV ad, an actor playing the Mac character says to the PC character: “I run Mac OS X, so I don’t have to worry about your spyware and viruses.”

In fact, although unusual, Internet-borne malware has targeted the Mac platform (see the U.S. Computer Emergency Readiness Team’s Apple Mac OS X Safari Command Execution Vulnerability advisory). Apple security updates for the latest vulnerabilities can be downloaded at http://docs.info.apple.com/article.html?artnum=61798.

Symantec’s Cole says it’s a fallacy to claim that any Web browser is inherently safer than another.

“The reality is, Apple has lower market share” than Windows PC makers, he says. “Attackers are driven by money, so they go after the bigger market. If you have lower market share, you’re not more secure—you’re just less interesting [to a hacker].”

He also points to what’s happened with open-source Mozilla browsers, which include Firefox. As their popularity has increased, more security holes have been discovered: For the first six months of 2006, 47 vulnerabilities were found in Mozilla, compared with 17 in the last half of 2005.

Mozilla had a one-day exposure for the first half of 2006. That’s actually an increase over Mozilla’s negative two days of exposure for the previous six months—meaning that fixes were available before exploit code was released by hackers.

Neuroscientist reveals a new way to manifest more financial abundance

Breakthrough Columbia study confirms the brain region is 250 million years old, the size of a walnut and accessible inside your brain right now.

Learn More

Picture of Baselinemag

Baselinemag

TRENDING AROUND THE WEB

If you grew up fearing your parents, you probably display these 8 traits (without realizing it)

If you grew up fearing your parents, you probably display these 8 traits (without realizing it)

The Blog Herald

If a man doesn’t believe you’re intellectually equal to him, he’ll often display these 8 subtle behaviors

If a man doesn’t believe you’re intellectually equal to him, he’ll often display these 8 subtle behaviors

Global English Editing

8 everyday behaviors of men who have very little self-respect and dignity

8 everyday behaviors of men who have very little self-respect and dignity

Personal Branding Blog

8 cheat codes that will help you to find your life partner, according to a relationship expert

8 cheat codes that will help you to find your life partner, according to a relationship expert

Small Business Bonfire

If a man displays these 10 behaviors, he wants to spend his life with you

If a man displays these 10 behaviors, he wants to spend his life with you

The Vessel

People who flourish in their later years tend to follow these 8 practices

People who flourish in their later years tend to follow these 8 practices

Jeanette Brown