Mac users are “operating under a false sense of security”, according to Symantec, and Firefox users will have to recognize that the open-source browser is currently a greater security risk than Internet Explorer.
Symantec’s latest Internet Security Threat Report, published Monday, found evidence that attackers are beginning to organize for attacks on the Mac operating system. Researchers also found that over the past six months, nearly twice as many vulnerabilities surfaced in Mozilla browsers as in Explorer.
“It is now clear that the Mac OS is increasingly becoming a target for the malicious activity, contrary to popular belief that the Mac OS is immune to traditional security concerns,” the report said.
Symantec said OS X – based on BSD Unix – now shares many of the security concerns affecting Unix users. “As Mac OS X users demand more features and implement more ports of popular UNIX applications, vulnerabilities and exploits targeting this operating system and its underlying code base are likely to increase,” Symantec said in the report.
The number of security bugs confirmed by Apple has remained about the same over the past two six-month reporting periods, with no widespread exploits, Symantec said. But an analysis of a rootkit called Mac OS X/Weapox – based on the AdoreBSD rootkit – indicates the situation might not last much longer. “While there have been no reports of widespread infection to date, this Trojan serves to demonstrate that as Mac OS X increases in popularity so too will the scrutiny it receives from potential attackers,” the report said. “Mac users may be operating under a false sense of security.”
Twenty-five vulnerabilities were disclosed for Mozilla browsers, including Firefox, in the first half of the year, compared with 13 for Explorer, Symantec said. Eighteen of the Mozilla flaws were classified as high severity, compared with eight high-severity Explorer flaws.
Symantec warned of other emerging threats, notably to increasingly popular IP telephony systems, wireless networks and mobile devices. Meanwhile, attack code is becoming more sophisticated, with attackers deploying modular code that can avoid detection systems, Symantec said.