News24

Kaspersky slams Apple over update

2012-04-10 12:07

Cape Town - A cyber security company has criticised Apple for a delay in sending out a security update to its operating system after a vulnerability was detected.

Computers running the Mac OS X operating system touted as the "world's most advanced desktop operating system", were compromised by the Flashfake trojan, according to Kaspersky Lab.

The company confirmed that at least 600 000 Mac computers were infected since the trojan appeared in September 2011.

Oracle released a patch to repair the vulnerability about three months ago, but Apple delayed the update to users until April 2.

"The three month delay in sending a security update was a bad decision on Apple's part," said Kaspersky Lab's chief security expert, Alexander Gostev.

Threat

Apple usually does not allow third parties to update its software, leading to a longer period for criminals to exploit vulnerabilities.

"This means the window of exposure for Mac users is much longer than PC users. This is especially bad news since Apple's standard AV update is a rudimentary affair which only adds new signatures when a threat is deemed large enough," said Gostev.

The Flashfake trojan allows criminals to send instructions to a user's computer to download additional malware even though no criminal activity has been detected yet.

Many users of Apple computers believe that because the threat from viruses is traditionally low, they are 100% secure.

"If we're talking about Linux users or Mac users, the problem lays in the psychology. All these guys are pretty sure that they are 100% protected and there is no malware," Sergey Novikov, head of Kaspersky Lab Global Research and Analysis Team recently told News24.

He said that mindset of Mac and Linux users was key to limiting the number of hacking incidents.

"The problem is we're running fast with new technologies but our security mindset is behind and that's why we have so many [hacking] incidents."

Mac users are advised to install the latest update from Apple to limit their vulnerability to malware that may allow hackers to steal sensitive information.


- Follow Duncan on Twitter
 

Comments
  • ChronicDJ - 2012-04-10 13:22

    But of course, Apple are not interested in the mindset of users, they're more interested in whether they are making money off them or not. This is the only reason that jailbreak hacks are so quickly dealt with... which has no impact on the security of the device.

  • halicon76 - 2012-04-10 23:46

    generally the workmanship, quality, attention to detail, ease and enjoyment a product brings me is how i warrant the value of a brand and on those factors and a thousand others i am hard pressed to ever feel ripped off by apple. what this article doesnt suggest is that there were many fixes available online that did not require a system update... and were available waaay earilier. but you can pick on apple... i mean what else can you do :P

  • pages:
  • 1