Apple virus message tweak sparks vulnerability debate

Anti-virus companies play up breaches but analysts urge scepticism

A change to the message about virus vulnerability on Apple's website has sparked widespread debate over whether the manufacturer has made a tacit statement about potential dangers to the users of its machines.

Until recently, Apple had always proudly displayed a message proclaiming that its Mac machine family "Doesn't get PC viruses." Now, that message has been replaced with one that simply states that the hardware is "Built to be safe."

Predictably, the New York Times reports, antivirus manufacturers have pounced on this as a way to open up a valuable new market of paranoid users, whilst many analysts have pointed out that, whilst Apple Macs are no longer considered invulnerable, they're still far less likely to contract a virus.

The change comes after a recent spate of infections from a piece of malware known as Flashback, which hit half a million Macs last April, worming its way into systems via a vulnerability in Java software which required no clicking of links or confirmations to install.

Whilst that infection was quickly controlled with a simple patch, cutting infected numbers by over two thirds in a fortnight, public perception of Apple's claims of immunity was damaged. Apple's new statement is thought to be the first step in an increasing acceptance of the danger of malicious code to its users.

"I view the changes in the messages pushed out by their marketing department as some important baby-steps," said anti-virus manufacturer Sophos' Graham Cluley. "Let's hope more Apple Mac owners are also learning to take important security steps - such as installing antivirus protection."

Rich Mogull, founder of Securosis, disagrees.

"Two issues in two years is relatively minor compared with what happens in the Windows world,"Mogull tld the NYT. "Antivirus companies, in particular, can be pretty deceptive. They have been marketing Apple's immunity far more than Apple has and they are far more vulnerable. I no longer put stock in it."

A large part of the reason that Apple had for so long been untroubled by viruses was its relatively small market share. PCs were simply a bigger target. Now, with Apple's numbers skyrocketing, hackers' attentions are being increasingly turned toward it.

Related stories

Future iOS updates could end support for 32-bit apps

Fresh warnings in last iPhone and iPad update

By Christopher Dring

Report: Apple working on 'improving' App Store search

Google style paid-for result priority could be on the way

By Dan Pearson

Latest comments (6)

Antony Johnston Writer & Narrative Designer 5 years ago
Mogull has the right of it -- antivirus vendors have loathed Apple for years (because 99% of Mac users spend nothing on antivirus products) and are constantly spreading FUD. Sophos is one of the worst, but by no means the only one.

Edited 1 times. Last edit by Antony Johnston on 26th June 2012 11:51am

0Sign inorRegisterto rate and reply
Stephen Woollard Online Infrastructure Specialist, Electronic Arts5 years ago
Much as I despise Apple and all they stand for, it's certainly true to say they don't get affected by malware much.

The trouble is, this tends to lull people into a false sense of security so when something does happen, it has the potential to be far worse.

The best thing is probably for Apple to follow the route of Microsoft's Security Essentials and offer a free basic AV product that can integrate seamlessly with the OS. Having said that, I suppose the issue there is that they'd be admitting to a vulnerability they've always played down.
0Sign inorRegisterto rate and reply
Antony Johnston Writer & Narrative Designer 5 years ago
@Stephen: While it's not a direct AV product, that's pretty much what Gatekeeper is for. Although, of course, it wouldn't have prevented the recent Java exploit.

@Andrew: Surely that specific case was the fault of Adobe, not Apple. There are many things Apple could do better wrt security, no doubt, but exploits against third-party apps and frameworks is just as much of a problem for MS and OSS. Apple's problem is that it's historically been very slow to respond to such exploits, but that does appear to be changing.
0Sign inorRegisterto rate and reply
Show all comments (6)
Jim Webb Executive Editor/Community Director, E-mpire Ltd. Co.5 years ago
Mac's do have a false security thanks to security by obscurity. It's not that they are more secure, it's just that malware writers don't care to attack a market that is just 2% of the whole. As that 2% grows, attacks will become more frequent.
1Sign inorRegisterto rate and reply
gi biz ;, 5 years ago
They actually have tons of weaknesses due to being built on Unix and thus inheriting most linux vulnerabilities as a bare minimum.
Could you be more precise about that? I am aware of rootkits, but to my knowledge they tend to get outdated pretty soon. I never heard of a widespread Unix infection either, despite all the web and mail servers out there.
0Sign inorRegisterto rate and reply
Barrie Tingle Live Producer, Maxis5 years ago
As Jim mentioned, Mac's haven't had much in the way of malware and viruses because it doesn't make a massive impact like hitting Windows does. As Mac's become more popular they become more of a target for virus/malware makers.

So while some of the messaging is scare mongering from anti-virus companies I don't think Mac users should sit back thinking their system is untouchable.
0Sign inorRegisterto rate and reply

Sign in to contribute

Need an account? Register now.