Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft: Macs 'Not Safe From Malware, Attacks Will Increase'

Posted by timothy on from the what-a-huge-surprise dept.

An anonymous reader writes "Microsoft researchers have analyzed a new piece of Mac malware that uses a multi-stage attack similar to typical Windows malware infection routines. In a post titled 'An interesting case of Mac OSX malware' the Microsoft Malware Protection Center closed with this statement: 'In conclusion, we can see that Mac OSX is not safe from malware. Statistically speaking, as this operating system gains in consumer usage, attacks on the platform will increase. Exploiting Mac OSX is not much different from other operating systems. Even though Mac OSX has introduced many mitigation technologies to reduce risk, your protection against security vulnerabilities has a direct correlation with updating installed applications.'"

8 of 290 comments (clear)

  1. Re:Oh well. by Known+Nutter · · Score: 3, Informative

    No.

    http://en.wikipedia.org/wiki/Irony

    --
    Beware of the Leopard.
  2. Security vulnerabilities by vendor by Presto+Vivace · · Score: 4, Informative

    anyone who is interested can look up security vulnerabilities by vendor.

  3. Re:Not really surprising by Megane · · Score: 3, Informative

    The OS X kernel is a massive amount of C and embedded C++ code.

    Except the kernel isn't the problem. I haven't heard a single word about this recent malware crap that indicates it exploits the kernel or somehow achieves supervisor mode. Nor have I heard a single word about user-less exploits, as opposed to how you could simply install Windows, connect to the network, and have it owned within an hour, if not minutes.

    All this has been user land exploits, which require a user to do something. Some of them haven't even required the user to do something stupid, other than to go to "bad" web sites. But stop babbling about the kernel when it's not involved.

    --
    #naabhaprzrag, #sverubfr-000, #agi-fcbafberq, negvpyr[pynff*=' negvpyr-ary-'] { qvfcynl: abar !vzcbegnag; }
  4. Re:The voice of experience by Joce640k · · Score: 4, Informative

    How to use an apostrophe

    --
    No sig today...
  5. Re:Did anyone else notice... by Amarantine · · Score: 3, Informative

    Not only that: this particular exploit doesn't even work any more in Lion. Only Snow Leopard and earlier.

  6. Re:Did anyone else notice... by gstrickler · · Score: 3, Informative

    And, it doesn't work if you've applied any of the Office patches in the past 3 years. Patches that Office (by default) notifies you about weekly.

    Very opportunistic.

    Still, they are correct that attacks will increase, and anyone who has refused to install security patches in a needs to change their habits, or they will eventually be infected.

    --
    make imaginary.friends COUNT=100 VISIBLE=false
  7. Want some cheese with your whine? by RogueWarrior65 · · Score: 3, Informative

    Sour grapes, much? Jeez. The only malware A) is a Java problem and B) uses Office as the transmission medium.

  8. Re:MS Bullshit, Part 3 by Guy+Harris · · Score: 4, Informative

    Apple now requires all new MacOS X applications to create a proper sandboxing profile,

    Apple now requires all new Mac App Store applications to create a proper sandboxing profile. Non-App Store apps need not do so.