IE 11 is not supported. For an optimal experience visit our site on another browser.

Mac OS X still vulnerable, security firm warns

Apple's operating system still vulnerable to hackers, even after the computer maker issued a software update to fix the problem, security firmwarns.
/ Source: Reuters

Apple Computer Inc.'s Mac OS X operating system remains vulnerable to attacks by hackers, even after the Mac computer maker issued a software update to fix the problem, security firm Secunia said in an updated warning issued Tuesday.

Niels Rasmussen, chief executive of Denmark-based Secunia, said that while Apple patched one of the vulnerabilities in its Mac OS X operating system, it did not address what is known as a disk URI vulnerability, which could allows malicious Web sites to silently place code on a user's system.

"Mac users are left just as vulnerable as they were last week," Rasmussen said in a telephone interview. "They (Apple) have dealt with one of the vulnerabilities in the correct way but with the other one they have not."

Apple did not immediately return calls seeking comment.

The patched vulnerability, which Apple called "theoretical," exists in an application used to get help while browsing the Web and could expose users to malicious code, Apple had said last week.

The lack of a more detailed explanation from Apple could leave it facing some of the same criticisms Microsoft Corp. once endured over its response to its own software security holes before it buckled down and made security a public and company-wide mandate, experts said.

"From the very beginning Apple has downplayed this issue," said Rasmussen.

Part of Apple's relative invulnerability to viruses until now is because of its small share of the personal computer market -- less than 5 percent. That has made it a less attractive target for virus writers and attackers, experts have said.

"You could clearly fault Apple from the view that the second a vulnerability appears you make it known," said Tim Bajarin, an analyst at industry research firm Creative Strategies. "But there are times when the nature of the vulnerability are such that it may not be prudent to make it known immediately."

Apple's patch -- a small piece of software meant to repair glitches or security holes -- is available on its Web site at http://www.apple.com/support/downloads.

Microsoft's rival Windows operating system, because of its dominant market share, has long been plagued by worms, viruses, Trojan horses, and other security threats. But the company, which at first was criticized for being slow to warn customers and provide patches, now routinely discloses vulnerabilities and aggressively encourages users to update the Windows software with free patches when needed. (MSNBC is a Microsoft - NBC joint venture.)

"It seems like Apple wants to learn these lessons like other huge vendors have learned them," Rasmussen said.