toggle

AAPL Stock: 100.11 ( -0.64 )

Printed from http://www.macnn.com

IBM study ranks Mac as most vulernable OS [u]

updated 05:15 pm EST, Wed February 11, 2009

Mac OS vulnerabilities

IBM's security research and development group, X-Force, has released an annual report that suggests Mac is the most vulnerable operating system. The percentage of patched vulnerabilities compared to the total number of disclosed vulnerabilities was used for the rankings, with Mac OS X and OS X Server each leaving 14.3 percent of the problems unresolved. IBM gave the highest score to its own AIX platform, claiming to have fixed over 96 percent of the vulnerabilities, while Microsoft failed to patch between 5.5 percent and 4.1 percent of the reported issues for its Windows operating systems.

While Apple received a comparatively low score regarding the percentage of operating system issues that were addressed, Microsoft lead the pack for overall vulnerability disclosures. The Windows-maker accounted for 3.16 percent of all disclosures, while Apple held a close second place with 3.04 percent. The numbers reflect all software products offered by the companies, which would include their respective web browsers.

The researchers noted a significant uptick in the amount of vulnerabilities surrounding web applications, accounting for over half of the individual disclosures. Out of all the disclosures last year, 74 percent of the vulnerabilities did not receive a vendor-supplied patch by the end of the year. Despite the prevalence of malicious code in web applications, the browsers and browser plug-ins have seen a reduction in vulnerabilities.

Although Microsoft received a better score for disclosed operating system vulnerabilities, malicious website exploits heavily affected Internet Explorer and ActiveX. The two applications accounted for over 67 percent of the exploits, while Adobe Flash and Acrobat established nearly 25 percent. [via Heise Security]




by MacNN Staff

toggle

Comments

  1. byRyan

    Joined: Dec 1969

    +37

    percent

    you know the problem with percentages, is if apple has fixed 3 out of 4 holes... and MS has fixed 900 out of 1,000.... Mac has left 25% unpatched and MS has only 10%.

    But in real numbers, MS has 100 holes and mac has 1... percentages can be deceiving.

    also what is the severity of the threat and potential to exploit.

    all so IBM can claim they are better.

  1. stainboy

    Joined: Dec 1969

    +15

    byRyan...

    you hit the nail on the head.

  1. dagamer34

    Joined: Dec 1969

    +20

    Different types of holes

    Again, not to be a fanboy, but when many of the supposed "Apple" holes require you to put in your password, it's no longer a true vulnerability as much as it becomes social engineering.

    You cannot protect idiots from themselves, no matter how advanced an operating system gets.

  1. b9robot

    Joined: Dec 1969

    +8

    Idiots buy M is a joke!!!

    Yea right, that's why OSX has no viruses, no spyware, for the last 8 years OSX has been out. That's why government is moving to Macs. That's why Schools and more businesses are moving to Macs. Because it is the least secure OS. NOT!!!!
    If you believe Idiots buy M then people, you got a serious lack of FACTS!!! OSX has passed the highest form of security tests out there. It's not perfect, but it is better than any OS for sale to date PERIOD!!!

  1. Mr. Strat

    Joined: Dec 1969

    +3

    Jeez...

    A clue is a terrible thing to waste.

  1. Marook

    Joined: Dec 1969

    +2

    Look at the list!

    If you take a look at the list: http://www.iss.net/threats/ThreatList.php

    You have to go back to 2007! to find a thread listed.. Phew!

  1. russellb

    Joined: Dec 1969

    +2

    Fair Go

    Bahhh ohhh sorry just have to wipe the tears from my eyes

    Fair Go !

    lets use some common sense. We all know that any OS can have problems but if you honestly believe Windows is better equipment to deal vulnerabilities and has less than OSX you would either have to be blind freddy or trying to push your own agenda.

  1. macnixer

    Joined: Dec 1969

    +1

    so how much did

    IBM get paid by M$ to say that Mac OS X has more vulnerabilities?


    BTW the headline should be corrected. Instead of "vulernable" it should be "vulnerable".

  1. chas_m

    Moderator

    Joined: Dec 1969

    +4

    Hey Everybody!

    Let's get the oil companies to do a study on which fuel choice is the smartest!

    Just a hunch, but I'll bet they pick ... um ... OIL!

  1. Guest

    Joined: Dec 1969

    +1

    Real arguments please...

    People.

    Rather than provide defensive misdirections, is there really any basis to this? Obviously a company like IBM is not just going to make stuff up.

    Does anyone with any security knowledge contest this?

    Having skimmed the report all it does is report on the number of vulnerabilities published. While that could be one metric to use is it valid?

    What about severity of vulnerability? Ease of implementation? Practicality of attack?

    This is a more sensible debate to have...

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

ActvContent Sync Smartband

Smartbands of all sorts are hitting the market. Some build on the buzz around fitness trackers, while others offer simpler features fo ...

RocketStor 6324L Thunderbolt 2 eSATA bridge

Like it or not, the shift to Thunderbolt is underway. The connection is extremely flexible, allowing for video and data to co-habitate ...

Patriot Stellar Boost XT 64GB USB 3.0 drive

A vast selection of USB memory sticks means that consumers can often find exactly the size drive they need in a configuration that can ...

toggle

Most Commented