Mac users 'just as easily duped by cybercriminals' as Windows users

Security researchers warn of new attacks on OS X and advise anti-virus protection

By Ben Camm-Jones, Macworld U.K. |  Security

In the face of new threats aimed at OS X, a security expert has warned that Mac users may be even more vulnerable than Windows users.

Because Windows users are more likely to be running up-to-date anti-virus programs, Graham Cluley of Sophos says that many Mac users are missing a "valuable safety net".

In the face of several new threats targeting Mac OS X that have been discovered in recent weeks, Mac users should make sure that they have some form of protection, Cluley said. However, keeping your computer safe from cybercriminals isn't just a case of having anti-virus programs installed - it's about making sensible choices as well.

"As we have seen on the Windows platform, the majority of the attacks do not exploit any weakness in the operating system but instead take advantage of the bug in people's brains. Mac users can be just as easily duped as their Windows cousins into making poor choices, and could end up infected as a result, Cluley told Macworld.

"The only difference is that if you're running Windows you're much more likely to have protected yourself with up-to-date anti-virus software which acts as a valuable safety net."

Cluley's comments come in the wake of the discovery of a new threat that bypasses OS X's built-in security protection features. Last week, AlienVault reported that it had encountered a malicious Microsoft Office for Mac file that on the surface appeared to be targeting non-governmental organisations in Tibet.

"A remote code execution vulnerability exists in the way that Microsoft Office Word handles a specially crafted Word file that includes a malformed record. An attacker who successfully exploits this vulnerability could take complete control of an affected system," wrote Jaime Blasco on the AlienVault Labs blog.

Fellow security firm Intego warned that it was necessary to make sure you keep all software, not just anti-virus programs, updated, as though this attack seemed to be targeted, it could be adapted for use against other OS X systems.

"These Word documents exploit a Word vulnerability that was corrected in June, 2009, but also take advantage of the fact that many users don't update such software. Word 2004 and 2008 are vulnerable, but the latest version, Word 2011 is not. Also, this vulnerability only works with .doc files, and not the newer .docx format.


Originally published on Macworld U.K. |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question