Chief Research Officer Johannes Ullrich told The Mac Observer that while Apple issues security updates for its operating systems on a regular basis, the ones released in May and June were particularly troublesome and merited the SANS Instituteis attention. While the holes in the OS were fixed, Mr. Ullrich said that he is seeing more exploits exposed in it, most likely because Appleis rising market share makes its computers more attractive targets to hackers. This wasnit a surprise, since he has also seen attacks against the Firefox Web browser rising as it increases in popularity.
iTunes runs on both Mac OS X and Windows, but Mr. Ullrich said that he did see exploits that only affected the Mac version. “They were isolated cases,” he explained, “but I did see examples of situations where users were offered an iTunes playlist that then executed malicious code and allowed access to the system. There were a couple different versions of it.”
While OS X has an advantage over Windows because it doesnit set up a user as an administrator by default, Mr. Ullrich noted that it still suffers from the same vulnerabilities as Windows and Linux. “Out of the box, OS X still has services enabled by default that shouldnit be,” he said. As with users of other operating systems, Mr. Ullrich recommends that Mac OS X users turn on their firewalls and use anti-virus software. “They shouldnit be less diligent than Windows users,” he commented.