On Tuesday, Apple released a security update for OS X that addressed 28 vulnerabilities. At the same time, the patch release also included an update to anti-Malware detections, an update that was quietly installed with no mention whatsoever.
Apple has already made news by shipping an old version of Flash Player with this week’s updates. Now the Cupertino-based gadget titan is earning itself further headline space by silently updating OS X’s built-in anti-Malware detection, with a rule for HellRTS.
HellRTS, the name for a Trojan assigned by Mac-based security company Intego, has been around in various incarnations since 2004. The last time it was seen was in April of this year, when it was being pushed as iPhoto.
“Unfortunately, many Mac users seem oblivious to security threats which can run on their computers. And that isn't helped when Apple issues an anti-Malware security update like this by stealth, rather than informing the public what it has done,” wrote Graham Cluley of Sophos, who first reported the silent update.
“You have to wonder whether their keeping quiet about an anti-Malware security update like this was for marketing reasons,” he added.
Marketing is a huge factor behind Apple’s seemingly unstoppable presence in the technology world. The fact that Apple’s marketing department often controls the public’s perceptions about computer and Internet-related security means some of their customers are simply following hype, not common sense.
In 2008, the irony was red hot when Apple was busted for the following comment (
''The Macintosh has no need for anti-Virus software''.) in a TechNote that has long since gone MIA
link:
“Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult.” –Apple TechNote (HT2550) November 21, 2008.
Given the marketing, seeing Apple encourage not just security solutions, but layered defense as well, was a seemingly random change of pace. To address the issue at the time, Apple pulled the TechNote [link] and had spokesperson Bill Evans issue a statement explaining how the removal was due to the fact that the TechNote was “old and inaccurate.”
“The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100-percent immune from every threat, running anti-Virus software may offer additional protection,” Evans said.
When we here at The Tech Herald wrote the story two years ago we asked, so which is it? Is it wise to layer protections on a Mac, or is the Mac so secure that users don’t need to?
Since that time, Apple has never really stood firm one way or the other on the topic. Apple’s marketing department and Apple Store employees will preach there is no need for such security... Yet, meanwhile, Apple's security department pushes silent anti-Malware updates. Hmm.
Looking at the attack vectors on Apple’s platform that are exposed via third-party software (Flash and QuickTime, for example), from Apple itself (Safari), and the often criticized delay in security patches once vulnerabilities are exposed, there is plenty to suggest Apple customers should think about security, even if they are using a Mac.
However, the attack vectors themselves are often exploited by criminals targeting Mac users who would rather take stock in the seemingly invulnerable defenses of the platform. As the user base grows, it will become easier and easier for criminals to target Apple’s base with socially-engineered attacks, just like they do now for PC users running on Windows.
Two years after the TechNote debacle, it’s still worth pointing out that just because the Mac is relatively safe now, does not guarantee the system will stay that way forever.
Macs are great computers. They can be expensive, but they’re solid systems. Yet, you should still exercise the same amount of security caution when dealing with them as you would with a PC -- not because they are vulnerable, but because it simply makes sense to do so.
