just one more geek in a sea of austin techies

November 3, 2012

Apple Hurting Microsoft Security #SecurityGeek

The latest "vulnerability report" from Kaspersky Lab included a surprise: Apple products show up twice in the "top 10 vulnerabilities list" while Microsoft products are no where to be found. What is even more interesting is that Apple's security issues are hurting Microsoft in the "vulnerabilities" department by introducing security holes in Microsoft systems...

The "Top 10" List
Microsoft's improvements in product auto-updates are given much of the credit for keeping Microsoft products off the "top 10 vulnerabiltiies" list. The list is based on the number of users/systems affected and that is determined by feedback from installed Kaspersky antivirus products. In all a pool of over 30 million vulnerable items went into creating the list with affected users having an average of 8 vulnerabilities per system.

Apple isn't the only big-name on the "top 10" list:  Oracle accounts for the top 2 vulnerabilities while Adobe products account for half of the items on the list (see the full report here):
  1. Oracle Java (1)
  2. Oracle Java (2)
  3. Adobe Flash (1)
  4. Adobe Flash (2)
  5. Adobe Reader
  6. Apple QuickTime
  7. Apple iTunes
  8. Winamp
  9. Adobe Shockwave
  10. Adobe Flash (3)

Microsoft Less Secure Because of Apple
Apple levels an unintended "one-two" punch to Windows security in the form of QuickTime and iTunes. While QuickTime is not as prevalent on Windows systems as in years past, iTunes is another matter. Apple's insistance that iPod users employ iTunes and only iTunes to move files from PCs to iPods (instead of also allowing file browsing via Windows Explorer) means that the 300+ million iPod owners out there are responsible for hundreds of millions of installed copies of insecure iTunes software.

It's worth noting that Kaspersky's "top 10" list is based almost entirely on information culled from Windows systems. The company only recently released antivirus software for Mac systems so it probably has very little Mac-based data to work with just yet.  Hopefully future "top 10" lists will be broken out into a list for Windows and a separate list for Mac OS.

Finally, before any Apple fans turn an indifferent shoulder to the report of Apple's Microsoft-based offerings appearing on the "top 10 vulnerabilities" list, take note:  Eugene Kaspersky himself stated earlier this year that "Apple is 10 years behind Microsoft" in terms of creating secure software. Whatever you may think of Kaspersky's antivurs products, it's probably well past time Apple users in general invested in some kind of security solution...

No comments:

Post a Comment