SAN FRANCISCO: Security experts are concerned over the increasing vulnerability of the Mac operating system to virus attacks. Once almost immune to viruses and malware, Mac users are finding that they too are falling victims of online criminals, like Windows system users.
Security experts have pointed out flaws in Mac OS X that make Mac users easy targets of online attacks. For example, there is high probability that a hacker or a virus creator can surreptitiously access Macs and run malicious code without the user even knowing about it.
A security researcher in Mission Viejo, California, Tom Ferris, has come out with information on his site about at least seven flaws in the Mac OS.
Five of these flaws pertain to the operating system handling image file formats like BMP, TIFF and GIF. Another flaw relates to decompressing the files into ZIP.
Ferris said the flaws relating to image files are the scariest. These give the attacker option for multiple methods to compromise a system.
Apple's vice president of software technology Bud Tribble said the company is investigating into these flaws and addressing them. He, however, said while these are critical vulnerabilities, there are no known instances of any serious interventions into the systems and resultant damages.
Ferris said there are flaws that affect Apple's Safari browser too, which pose a big threat. Browsers are attractive targets for attackers, since nearly every computer owner uses one and attacks are possible without the users' knowledge.
All the flaws impact OS X 10.4.6, Apple's latest OS edition, as well as earlier editions. Ferris said these can lead to localized denial-of-service or system crashes and often installation of malicious code in the systems by the attackers.
Danish security monitoring firm Secunia believes the flaws found in the latest Mac OS X are highly critical. The only solution, according to Secunia is to avoid untrusted websites and not to open ZIP or image files from unfamiliar senders.
Secunia issued an advisory saying "multiple vulnerabilities have been identified in Apple Mac OS X, which could be exploited by attackers to execute arbitrary commands or cause a denial of service."
Tribble said the company would address these issues in the next security update for the OS.
However, he would not accept that OS X is more susceptible to attack now than in the past. "It's become less vulnerable as we've continued to improve security," he said.
Security experts fear Apple's decision to use Intel-made microprocessors for Macs could aggravate the problems. They say there could be an increasing number of attackers, who are conversant with Intel processor-based Windows-run machines, targeting Macs and exploiting these vulnerabilities. There was a genetic diversity earlier when Macs were run on IBM's or Motorola's chips, which has now been eliminated, they say.
Tribble, however, does not agree that Intel processors make Macs more vulnerable.
These recent findings apart, Macs are comparatively safer and security experts give the OS full marks for resisting viruses and other attacks. At one time, security software company F-Secure Corp. had discontinued making its antivirus program for the Macs because there was no market for this product.
