Risk
3/30/2007
02:49 PM
Mitch Wagner
Mitch Wagner
Commentary
50%
50%

Is The Mac More Secure Than Windows? Does It Matter?

Is the Mac more secure than Windows, in some absolute measurement of security? And does it really matter? Senior writer Sharon Gaudin talked to a few security experts and reported the consensus that, despite a recent increase in reported security flaws, the Mac is still more secure than Windows. But it's doubtful that'll change anybody's buying decisions -- Windows users know that their software has security pr

Is the Mac more secure than Windows, in some absolute measurement of security? And does it really matter? Senior writer Sharon Gaudin talked to a few security experts and reported the consensus that, despite a recent increase in reported security flaws, the Mac is still more secure than Windows. But it's doubtful that'll change anybody's buying decisions -- Windows users know that their software has security problems, and yet they use it anyway.

McAfee last year said that reported Mac vulnerabilities increased 228% in the past three years, compared with a 73% increase for Windows. And Apple is lagging behind Microsoft in issuing bug fixes, with Apple taking an average of 66 days to patch vulnerabilities, while Microsoft took three weeks.

But the Mac is still safer than Windows, says Johannes Ullrich, chief research officer at the SANS Institute. It's just not as safe as Apple pretends it is.

Read the rest of the article for more information and discussion.

The security comparison is interesting information. But just how useful is it? I've never encountered anyone who cited security as a reason for buying a Mac. They buy a Mac for stability, ease of use, because they're doing graphics or multimedia or some other application for which the Mac is best. They buy a Mac out of desire to stick it to Microsoft, for which many people in the user community have an irrational hatred. But I've never heard anybody say, "I bought a Mac because it's more secure."

Let's hear it from the Mac users out there. Why'd you go with the Mac?

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-4774
Published: 2015-05-25
Cross-site request forgery (CSRF) vulnerability in the login page in IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 allows remote attackers to hijack the authentication of arbitrary users via vectors involving a FRAME element.

CVE-2014-4778
Published: 2015-05-25
IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 do not send an X-Frame-Options HTTP header in response to requests for the login page, which allows remote attackers to conduct clickjacking attacks via vectors involving a FRAME element.

CVE-2014-6190
Published: 2015-05-25
The log viewer in IBM Workload Deployer 3.1 before 3.1.0.7 allows remote attackers to obtain sensitive information via a direct request for the URL of a log document.

CVE-2014-6192
Published: 2015-05-25
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5 iFix10, 6.0.5 before 6.0.5.6, and 6.0.5.5a before 6.0.5.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVE-2014-8146
Published: 2015-05-25
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (hea...

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.