Can Apple Computers get viruses?
crl
25th May 2009, 05:05 AM
This may be a silly question but I have been told (via second hand information) that Apple Computers cannot get viruses. This seems too good to be true to me.
Can someone confirm or deny this for me please?
Thanks in advance
crl
dmdigital
25th May 2009, 05:32 AM
Any computer can get a virus. The Mac OS is a UNIX based system and in basic terms is far less able to pick up a virus from web browsing or email scripts due to the security model.
The other thing is most viruses target Windows systems.
Chucaro
25th May 2009, 06:48 AM
NOD32 have software for Linux, Solaris, Windows and Apple Intel based computers
JDNSW
25th May 2009, 07:09 AM
It is a bit of a stretch to say that Apple Computers cannot get viruses.
But in practical terms it is pretty accurate. Along with other unix-like systems (linux, BSD, solaris etc) it is inherently a lot more resistant to viruses than Windows. Add to that the fact that in combination with this the relatively small number of Apples makes it almost impossible for a virus infection to spread. A telling fact is that as far as I know all Apple anti-virus programs are intended, not to protect the Apple, but to prevent them from passing on Windows viruses.
While it is extremely unlikely that your Apple will ever get a virus that affects it, a Windows virus may well arrive on an email you get or something you download, and although it does not infect your computer, may well be stored unchanged and sent on to someone with a Windows computer, for example as an email attachment.
Without exception, viruses that are circulating "in the wild" affect only Windows computers, and this is likely, but not absolutely certain, to continue in the future.
Note however, that your Apple can be infected by other things that are not strictly viruses, but can affect programs that run above the O/S, such as Word macro viruses, but this only affects the particular program (and the documents it produces!)
John
Captain_Rightfoot
25th May 2009, 07:20 AM
As others have said, they are intrinsically more secure. There is always a chance that a user can install malicious software, but it's much harder to do on a mac. There is only so much you can do to save people from themselves..
They do have considerable numbers though (In 2007 it was 22 million (http://www.appleinsider.com/articles/07/03/02/mac_install_base_estimated_at_22_million_pre_leopard.html)+) but no one has managed to write a virus capable of spreading in the wild yet.
YouTube - Get a Mac - Viruses
disco2hse
25th May 2009, 07:59 AM
A virus, or whatever you want to call it, is just program code. As with any compiled code, they are platform dependent so a virus compiled to run on Windows will not run on MacOS of any version. However, if it is ported to the MacOS then yes, it may run. However the strategies that many modern viruses employ involve ingenious uses of the OS and are designed to exploit weaknesses in each OS. As it has been pointed out there have been many weaknesses publicised on the MS platforms and these have resulted in exploits being distributed. These exploits will not work on other OSs because they do not share the same weaknesses. This does not mean that other OSs have no or fewer weaknesses, all it means is that fewer have been found and publicised.
Having said that, the *nix operating environment uses approaches that make it less easy for unauthorised applications to gain control over the system but that is not guaranteed, for example a stack overflow can be triggered from a poorly written application running on a *nix OS which could give a rogue application access to various parts of the system. So this problem is not related necessarily to the OS but the applications running on it.
The reality is that anyone with the right skill set can create a virus at any time. You need to take whatever precautions you deem necessary to protect your system from attack. That means updating buggy software that can allow exploits, apply security patches when they come available, run virus protection/detection software (I use Sophos because that is what work gives me), be careful on the Interweb because platform independent exploits can travel with file formats like flv, swf, jpeg, etc. and not to mention cookies that capture and transmit your personal information through the use of javascript or java applets.
Alan
incisor
25th May 2009, 09:41 AM
IMHO me thinks you need to settle on how you define "virus".
in the classical sense, no, there is no virus for osx.
trojans and other forms of malicious software are another thing.... they exist on all platforms.
the big difference between windows and nix operating systems is that userland is much more secure than windows and that bsd based nix variants are way more secure than those nix variants that don't support a "wheel" account.
disco2hse
25th May 2009, 11:11 AM
the big difference between windows and nix operating systems is that userland is much more secure than windows and that bsd based nix variants are way more secure than those nix variants that don't support a "wheel" account.
Ayup.
And so it also depends on what a person thinks they need to protect: their personal data, system configuration, other users' data,... or whether by protecting themselves they are also protecting the wider computer using environment from the spread of malicious software.
Captain_Rightfoot
25th May 2009, 05:59 PM
The thing is, as I said above there are at least 22 million osx users in the world. Yes, I know that is a much smaller number than MS have. However, Apple sell premium hardware so by the nature of the beast people who buy Apple products are as a group perhaps a little better off than is normal in society (they certainly have better taste than average :D :wasntme: ).
I believe that this would not have been lost on the nefarious souls of the world. So while it's a smaller target than windows it could be lucrative for them. However, they haven't managed to do it so far (ever) so I'd suggest it's far far more difficult than with MS. To be honest it wouldn't surprise me if MS have their best people on it! :D
crl
26th May 2009, 08:04 PM
Thank you all, that answers it pretty well!
rocket scientist
4th June 2009, 09:52 PM
In my experience it boils down to the fact that there are more viruses, trojans, etc. for windows, but Macs are definitely not immune.
The important thing I find is having a good Service provider that filters out most of the rubbish.
HangOver
6th June 2009, 12:54 AM
as has been said "Can Apple Computers get viruses? "
yes but they aren't very common, MS a victim of its own success
JDNSW
6th June 2009, 06:14 AM
......MS a victim of its own success
Not the whole picture. Windows was from the start designed for use by a single user, and backward compatibility being a major attraction that keeps users with Windows, it still has many of the basic design features that reflect this. These mean its security is inherently lower than the Apple Mac, which uses a variant (BSD) of Unix, which was designed from the start for multiple users, and as such had to have a basic design that stopped users from interfering with each other.
In addition, because of this background, Windows has always put ease of use ahead of almost anything else, even if this opens security problems. In many cases this is simply in the defaults (such as automatically opening email attachments or running executables on inserted discs) rather than anything inherent in the software. Apple has fewer of these problems, partly because of the constraints of using Unix.
Of course, the fact that the vast majority of internet connected desktop computers are Windows means that not only is it more productive to create viruses for Windows, but they are far more likely to spread, and there are more experts to create them. But it is also a lot easier.
John
Ferret
6th June 2009, 10:18 AM
One of the most insidious pieces of malware, the rootkit was developed on unix like operating systems for unix variants. Since then the concept has spread to other operating systems such as windows.
Anyone who has used 'Daemon Tools' to create virtual CD/DVD drives has installed a rootkit. But at least they are up front about it unlike some others, Sony for instance, who got into trouble a few years ago, secretly installing rootkits on people PCs via its music CDs.
Captain_Rightfoot
9th June 2009, 09:29 PM
as has been said "Can Apple Computers get viruses? "
yes but they aren't very common, MS a victim of its own success
OK, name one that has spread in the wild without the user needing to install it. ;)
HangOver
9th June 2009, 11:51 PM
OK, name one that has spread in the wild without the user needing to install it. ;)
This subject pops up on here from time to time; for some reason it seems apple users seem to try to antagonize windows users because of an apparent superior OS. It would be nice just once for an apple user to admit that one OS is really not that much better or worse than the other.
It all really boils down to personal preference and marketing IMO
It's all been said before and is covered here:
Read This (http://www.aulro.com/afvb/computers/60536-spyware-removal.html)
:nazilock:
Ferret
10th June 2009, 01:21 AM
Coming to a Mac near you: Mac Trojan Horse OSX.Trojan.iServices.A (http://www.intego.com/news/ism0901.asp)
Nah, it's not a virus in the strict sense of the word but does it matter how your banking details get stolen?
Mac worms anyone? IBotnet Virus: Apple's First Worm (http://www.postchronicle.com/cgi-bin/artman/exec/view.cgi?archive=134&num=225123)
From the above article - "While the security experts probably won't come out and say it, this whole scare appears to be an elaborate to provide "conceptual truth" --ie: hackers attempting to put perceived snooty Mac users in their place by highlighting the fact that their (news flash) operating system of choice isn't so secure after all." :D
Tombie
10th June 2009, 02:00 AM
"While the security experts probably won't come out and say it, this whole scare appears to be an elaborate to provide "conceptual truth" --ie: hackers attempting to put perceived snooty Mac users in their place by highlighting the fact that their (news flash) operating system of choice isn't so secure after all." :D
Love selective quoting :cool: Also from that article
It is in the interest of software companies like Symantec, who spread the news, and McAfee, which has downplayed (http://www.scmagazineuk.com/Mac-botnet-claims-criticised-for-being-out-of-date-and-will-not-be-widespread/article/130772/) the presence of the Trojan, to raise concerns so they can promote their antivirus software packages, he said.
"Yes, it is going to become a bigger problem and, yes, people have to become more aware, but I think that what McAfee (http://topics.edition.cnn.com/topics/McAfee_Inc) and Symantec would like is for the panic to start and for people to start rushing to antivirus software," which isn't necessary yet, Etherington said.
Captain_Rightfoot
10th June 2009, 05:40 AM
Coming to a Mac near you: Mac Trojan Horse OSX.Trojan.iServices.A (http://www.intego.com/news/ism0901.asp)
Nah, it's not a virus in the strict sense of the word but does it matter how your banking details get stolen?
Mac worms anyone? IBotnet Virus: Apple's First Worm (http://www.postchronicle.com/cgi-bin/artman/exec/view.cgi?archive=134&num=225123)
From the above article - "While the security experts probably won't come out and say it, this whole scare appears to be an elaborate to provide "conceptual truth" --ie: hackers attempting to put perceived snooty Mac users in their place by highlighting the fact that their (news flash) operating system of choice isn't so secure after all." :D
Ummm... did you really read the second one? It's actually the same "virus" that you linked first...
The IBotnet virus is a Mac-specific Trojan Horse program that infects a machine only by downloading a pirated copy of iWork,
IE to get this I have to download a pirated copy of iWork from a torrent site or similar, and install it myself by giving it my system password.
Sorry, try again. :)
Captain_Rightfoot
10th June 2009, 05:50 AM
This subject pops up on here from time to time; for some reason it seems apple users seem to try to antagonize windows users because of an apparent superior OS. It would be nice just once for an apple user to admit that one OS is really not that much better or worse than the other.
It all really boils down to personal preference and marketing IMO
Sorry. If OS X was a close run thing I'd take that on and disappear. However at the moment OS X is in a different league. There are soooo many problems that windows users put up with that they just don't have to. If I point that out to people it's just so that they know there is an alternative and that they don't have to put up with it if they don't want to.
I work in IT and I'm **really** impressed with it. All the other IT professionals I know that are open minded enough to give it a go have found the same thing.
Call me fanatical but you are on a site for fanatical car owners :)
Lightweight
10th June 2009, 01:54 PM
Aqua beats Windows hands down, no comparison.
Bash .... Do I need to say any more ?
The more people I convince to "make the switch" the less phone calls I take, my tech support days are becoming thinner by the minute. Thanks Steve.
Captain_Rightfoot
10th June 2009, 05:32 PM
Aqua beats Windows hands down, no comparison.
Bash .... Do I need to say any more ?
The more people I convince to "make the switch" the less phone calls I take, my tech support days are becoming thinner by the minute. Thanks Steve.
That's right. I've converted my whole family and in the last 18 months I've had one support job and it was a faulty usb cable to a printer. Compared to the usual drudge of long nights reinstalling windows after the inevitable it's bliss.
The only time I've re-installed os x in 4 years was when I have sold a mac and used the built in secure wiping functionality.
Captain_Rightfoot
12th June 2009, 06:14 AM
This might be of interest to the PC people out there. (http://www.appleinsider.com/articles/09/06/11/microsoft_announces_free_anti_virus_service_for_windows.html)
Also this from the same article...
"Anti-virus vendors have recently eyed growth in the Mac platform as a potential opportunity for expanding outside of Windows, but the lack of any significant malware threats and the problems associated with installing third party security services has largely kept Apple's customers out of reach. Apple bundled McAfee's Virex tool with its .Mac service until the flood of complaints from users resulted in the buggy, performance sapping product being pulled.
Leading Mac security experts, including CanSecWest winner Charlie Miller, have recommended against installing extra security software on the Mac due to the cost and performance overhead it eats up. "I don’t think it protects me as well as it says," Miller told Computerworld in an interview. "If I was worried about attacks, I would use it, but I’m not worried.""
Ferret
12th June 2009, 12:41 PM
IE to get this I have to download a pirated copy of iWork from a torrent site or similar, and install it myself by giving it my system password.
Yeah, why not, several thousand other Mac users apparently did, just like Windows users download and install warez, open stupid email attachments etc. etc. The fact is a lot of people just shoot themselves in the foot and there are a lot of other people happy to help them regardless of how you try to protect them from themselves.
Sorry, try again. :)
Ok I will try again :D:D - I don't know if Macs can catch worms but I do know you can always catch Mac users with one. There is something about the dedicated Mac fans - they always snap at the bait. :D:D
Oh, and note the smilies. It's not a war. It's just Ford vs Holden, AMD vs Intel, ATI vs Nvidia and dare I say it - Land Rover vs Toyota. There are one eyed people on both sides of the argument.
Delta_Farce
12th June 2009, 01:38 PM
Hi all,
It's a fallacy to claim that either OS is more secure. I will concede that *nix based systems have a better model than windows (which I use, and like) however OSX is a piece of Swiss Cheese compared to something like OpenBSD...so let's not go there.
The simple fact with any OS (Windows, Mac, whatever) is that you have to be careful and you have to keep the OS and all applications up to date with security patches.
Below is an excerpt of an AusCERT alert from May 13 2009. It advises of the vulnerabilities in OS X v10.5.7 that are corrected in an Apple patch. Any OS X v10.5.7 machine that hasn't applied the patch is vulnerable to all of these exploits (OS and application ones).
There are plenty of similar advisories for Windows, Solaris, Linux and other OS's too, so I'm not trying to paint OS X in a bad light - I'm just trying to illustrate that it has flaws like any other OS and any computer is vulnerable if it's connected to the net in any way.
AUSCERT External Security Bulletin Redistribution
ESB-2009.0690 -- [Mac][OSX]
Mac OS X v10.5.7: Multiple Vulnerabilities
13 May 2009
AusCERT Security Bulletin Summary
---------------------------------
Product:           Apache
                   ATS
                   BIND
                   CFNetwork
                   CoreGraphics
                   Cscope
                   CUPS
                   Disk Images
                   enscript
                   Flash Player plug-in
                   Help Viewer
                   iChat
                   International Components for Unicode
                   IPSec
                   Kerberos
                   Kernel
                   Launch Services
                   libxml
                   Net-SNMP
                   Network Time
                   Networking
                   shutdown
                   OpenSSL
                   PHP
                   QuickDraw Manager
                   ruby
                   Safari
                   Spotlight
                   system_cmds
                   telnet
                   WebKit
                   X11
Publisher:         Apple
Operating System:  Mac OS X
                   Mac OS X Server
Impact:            Execute Arbitrary Code/Commands
                   Increased Privileges
                   Access Confidential Data
                   Modify Arbitrary Files
                   Cross-site Scripting
                   Denial of Service
                   Cross-site Request Forgery
                   Provide Misleading Information
Access:            Remote/Unauthenticated
APPLE-SA-2009-05-12 Security Update 2009-002 / Mac OS X v10.5.7
Security Update 2009-002 / Mac OS X v10.5.7 is now available and addresses the following:
Apache
CVE-ID: CVE-2008-2939
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Visiting a malicious website via a proxy may result in cross-site scripting
Description: An input validation issue exists in Apache's handling of FTP proxy requests containing wildcard characters. Visiting a malicious website via an Apache proxy may result in a cross-site scripting attack. This update addresses the issue by applying the Apache patch for version 2.0.63. Further information is available via the Apache web site at Welcome! - The Apache HTTP Server Project (http://httpd.apache.org/). Apache 2.0.x is only shipped with Mac OS X Server v10.4.x systems. Mac OS X v10.5.x and Mac OS X Server v10.5.x ship with Apache 2.2.x.
Apache
CVE-ID: CVE-2008-2939
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Visiting a malicious website via a proxy may result in cross-site scripting
Description: An input validation issue exists in Apache 2.2.9's handling of FTP proxy requests containing wildcard characters. Visiting a malicious website via an Apache proxy may result in a cross-site scripting attack. This update addresses the issue by updating Apache to version 2.2.11. Further information is available via the Apache web site at Welcome! - The Apache HTTP Server Project (http://httpd.apache.org/)
Apache
CVE-ID: CVE-2008-0456
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Web sites that allow users to control the name of a served file may be vulnerable to HTTP response injection
Description: A request forgery issue exists in Apache. Apache does not escape filenames when negotiating the correct content type to send to a remote browser. A user who can publish files with specially crafted names to a web site can substitute their own response for any web page hosted on the system. This update addresses the issue by escaping filenames in content negotiation responses.
ATS
CVE-ID: CVE-2009-0154
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Viewing or downloading a document containing a maliciously crafted embedded CFF font may lead to arbitrary code execution
Description: A heap buffer overflow exists in Apple Type Services' handling of Compact Font Format (CFF) fonts. Viewing or downloading a document containing a maliciously crafted embedded CFF font may lead to arbitrary code execution. This update addresses the issue through improved bounds checking. Credit to Charlie Miller of Independent Security Evaluators working with TippingPoint's Zero Day Initiative for reporting this issue.
BIND
CVE-ID: CVE-2009-0025
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: BIND is susceptible to a spoofing attack if configured to use DNSSEC
Description: BIND incorrectly checks the return value of the OpenSSL DSA_do_verify function. On systems using the DNS Security Extensions (DNSSEC) protocol, a maliciously crafted DSA certificate could bypass the validation, which may lead to a spoofing attack. By default, DNSSEC is not enabled. This update addresses the issue by updating BIND to version 9.3.6-P1 on Mac OS X v10.4, and version 9.4.3-P1 for Mac OS X v10.5 systems. Further information is available via the ISC web site at https://www.isc.org/
CFNetwork
CVE-ID: CVE-2009-0144
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Applications that use CFNetwork may send secure cookies in unencrypted HTTP requests
Description: An implementation issue exists in CFNetwork's parsing of Set-Cookie headers, which may result in certain cookies being unexpectedly sent over a non-encrypted connection. This issue affects non-RFC compliant Set-Cookie headers that are accepted for compatibility reasons. This may result in applications that use CFNetwork, such as Safari, sending sensitive information in unencrypted HTTP requests. This update addresses the issue through improved parsing of Set-Cookie headers. This issue does not affect systems prior to Mac OS X v10.5. Credit to Andrew Mortensen of the University of Michigan for reporting this issue.
CFNetwork
CVE-ID: CVE-2009-0157
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in the handling of overly long HTTP headers in CFNetwork. Visiting a malicious website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of HTTP headers. This issue does not affect systems prior to Mac OS X v10.5. Credit to Moritz Jodeit of n.runs AG for reporting this issue.
CoreGraphics
CVE-ID: CVE-2009-0145
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues exist in CoreGraphics' handling of PDF files. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issues through improved bounds and error checking.
CoreGraphics
CVE-ID: CVE-2009-0155
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution
Description: An integer underflow in CoreGraphics' handling of PDF files may result in a heap buffer overflow. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. This issue does not affect systems prior to Mac OS X v10.5. Credit to Barry K. Nathan for reporting this issue.
CoreGraphics
CVE-ID: CVE-2009-0146, CVE-2009-0147, CVE-2009-0165
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Viewing or downloading a PDF file containing a maliciously crafted JBIG2 stream may lead to an unexpected application termination or arbitrary code execution
Description: Multiple heap buffer overflows exist in CoreGraphics' handling of PDF files containing JBIG2 streams. Viewing or downloading a PDF file containing a maliciously crafted JBIG2 stream may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit to Apple, Alin Rad Pop of Secunia Research, and Will Dormann of CERT/CC for reporting this issue.
Cscope
CVE-ID: CVE-2009-0148
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Processing a maliciously crafted source file with Cscope may lead to an unexpected application termination or arbitrary code execution
Description: A stack buffer overflow exists in Cscope's handling of long file system path names. Using Cscope to process a maliciously crafted source file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.
CUPS
CVE-ID: CVE-2009-0164
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Visiting a maliciously crafted web site may lead to unauthorized access of the Web Interface of CUPS
Description: Under certain circumstances, the Web Interface of CUPS 1.3.9 and earlier may be accessible to attackers through DNS rebinding attacks. In the default configuration, this may allow a maliciously crafted website to start and stop printers, and access information about printers and jobs. This update addresses the issue by performing additional validation of the Host header. Credit: Apple.
Disk Images
CVE-ID: CVE-2009-0150
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Mounting a maliciously crafted disk image may lead to an unexpected application termination or arbitrary code execution
Description: A stack buffer overflow exists in the handling of disk images. Mounting a maliciously crafted sparse disk image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. This issue does not affect systems prior to Mac OS X v10.5. Credit to Tiller Beauchamp of IOActive for reporting this issue.
Disk Images
CVE-ID: CVE-2009-0149
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Mounting a maliciously crafted disk image may lead to an unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues exist in the handling of disk images. Mounting a maliciously crafted sparse disk image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit: Apple.
enscript
CVE-ID: CVE-2004-1184, CVE-2004-1185, CVE-2004-1186, CVE-2008-3863
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Multiple vulnerabilities in enscript
Description: enscript is updated to version 1.6.4 to address several vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the gnu web site at enscript - GNU Project - Free Software Foundation (FSF) (http://www.gnu.org/software/enscript/)
Flash Player plug-in
CVE-ID: CVE-2009-0519, CVE-2009-0520, CVE-2009-0114
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Multiple vulnerabilities in Adobe Flash Player plug-in
Description: Multiple issues exist in the Adobe Flash Player plug-in, the most serious of which may lead to arbitrary code execution when viewing a maliciously crafted web site. The issues are addressed by updating the Flash Player plug-in on Mac OS v10.5.x systems to version 10.0.22.87, and to version 9.0.159.0 on Mac OS X v10.4.11 systems. Further information is available via the Adobe web site at Adobe - Security Advisories : APSB09-01 - Flash Player update available to address security vulnerabilities (http://www.adobe.com/support/security/bulletins/apsb09-01.html)
Help Viewer
CVE-ID: CVE-2009-0942
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Accessing a maliciously crafted "help:" URL may lead to arbitrary code execution
Description: Help Viewer loads Cascading Style Sheets referenced in URL parameters without validating that the referenced style sheets are located within a registered help book. A malicious "help:" URL may be used to invoke arbitrary AppleScript files, which may lead to arbitrary code execution. This update addresses the issue through improved validation of file system paths when loading stylesheets. Credit to Brian Mastenbrook for reporting this issue.
Help Viewer
CVE-ID: CVE-2009-0943
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Accessing a maliciously crafted "help:" URL may lead to arbitrary code execution
Description: Help Viewer does not validate that full paths to HTML documents are within registered help books. A malicious "help:" URL may be used to invoke arbitrary AppleScript files, which may lead to arbitrary code execution. This update addresses the issue through improved validation of "help:" URLs. Credit to Brian Mastenbrook for reporting this issue.
iChat
CVE-ID: CVE-2009-0152
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: iChat AIM communications configured for SSL may downgrade to plaintext
Description: iChat supports Secure Sockets Layer (SSL) for AOL Instant Messenger and Jabber accounts. iChat automatically disables SSL for AOL Instant Messenger accounts when it is unable to connect, and sends subsequent communications in plain text until SSL is manually re-enabled. A remote attacker with the ability to observe network traffic from an affected system may obtain the contents of AOL Instant Messenger conversations. This update addresses the issue by changing the behavior of iChat to always attempt to use SSL, and to use less secure channels only if the "Require SSL" preference is not enabled. This issue does not affect systems prior to Mac OS X v10.5, as they do not support SSL for iChat accounts.
International Components for Unicode
CVE-ID: CVE-2009-0153
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Maliciously crafted content may bypass website filters and result in cross-site scripting
Description: An implementation issue exists in ICU's handling of certain character encodings. Using ICU to convert invalid byte sequences to Unicode may result in over-consumption, where trailing bytes are considered part of the original character. This may be leveraged by an attacker to bypass filters on websites that attempt to mitigate cross-site scripting. This update addresses the issue through improved handling of invalid byte sequences. This issue does not affect systems prior to Mac OS X v10.5. Credit to Chris Weber of Casaba Security for reporting this issue.
IPSec
CVE-ID: CVE-2008-3651, CVE-2008-3652
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Multiple vulnerabilities in the racoon daemon may lead to a denial of service
Description: Multiple memory leaks exist in the racoon daemon in ipsec-tools before 0.7.1, which may lead to a denial of service. This update addresses the issues through improved memory management.
Kerberos
CVE-ID: CVE-2009-0845
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Processing a maliciously crafted authentication packet may lead to a denial of service of a Kerberos-enabled program
Description: A null pointer dereference issue exists in the Kerberos SPNEGO support. Processing a maliciously crafted authentication packet may lead to a denial of service of a Kerberos-enabled program. This update addresses the issue by adding a check for a null pointer. This issue does not affect systems prior to Mac OS X v10.5.
Kerberos
CVE-ID: CVE-2009-0846, CVE-2009-0847
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Processing a maliciously crafted ASN.1 encoded message may lead to a denial of service of a Kerberos-enabled program or arbitrary code execution
Description: Multiple memory corruption issues exist in Kerberos' handling of ASN.1 encoded messages. Processing a maliciously crafted ASN.1 encoded message may lead to a denial of service of a Kerberos-enabled program or arbitrary code execution. Further information on the issues and the patches applied is available via the MIT Kerberos website at Kerberos: The Network Authentication Protocol (http://web.mit.edu/Kerberos/)
Kerberos
CVE-ID: CVE-2009-0844
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Processing a maliciously crafted Kerberos data packet may lead to a denial of service of a Kerberos-enabled program
Description: An out-of-bounds memory access exists in Kerberos. Processing a maliciously crafted Kerberos data packet may lead to a denial of service of a Kerberos-enabled program. This update addresses the issue through improved bounds checking. This issue does not affect systems prior to Mac OS X v10.5. Credit: Apple.
Kernel
CVE-ID: CVE-2008-1517
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: A local user may obtain system privileges
Description: An unchecked index issue exists in the kernel's handling of workqueues, which may lead to an unexpected system shutdown or arbitrary code execution with Kernel privileges. This update addresses the issue through improved index checking. Credit to an anonymous researcher working with Verisign iDefense VCP for reporting this issue.
Launch Services
CVE-ID: CVE-2009-0156
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Downloading a maliciously crafted Mach-O executable may cause Finder to repeatedly terminate and relaunch
Description: An out-of-bounds memory read access exists in Launch Services. Downloading a maliciously crafted Mach-O executable may cause the Finder to repeatedly terminate and relaunch. This update addresses the issue through improved bounds checking.
libxml
CVE-ID: CVE-2008-3529
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution
Description: A heap buffer overflow exists in libxml's handling of long entity names. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking.
Net-SNMP
CVE-ID: CVE-2008-4309
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: A remote attacker may terminate the operation of the SNMP service
Description: An integer overflow exists in the netsnmp_create_subtree_cache function. By sending a maliciously crafted SNMPv3 packet, an attacker may cause the SNMP server to terminate, denying service to legitimate clients. This update addresses the issue by applying the Net-SNMP patches on Mac OS X v10.4.11 systems, and by updating net_snmp to version 5.4.2.1 on Mac OS X v10.5.x systems. The SNMP service is not enabled by default on Mac OS X or Mac OS X Server.
Network Time
CVE-ID: CVE-2009-0021
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Network Time is susceptible to a spoofing attack if NTP authentication is enabled
Description: The ntpd daemon incorrectly checks the return value of the OpenSSL EVP_VerifyFinal function. On systems using NTPv4 authentication, this may allow a maliciously crafted signature to bypass the cryptographic signature validation, which may lead to a time spoofing attack. By default, NTP authentication is not enabled. This update addresses the issue by properly checking the return value of the EVP_VerifyFinal function.
Network Time
CVE-ID: CVE-2009-0159
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Using the ntpq command to request peer information from a malicious remote time server may lead to an unexpected application termination or arbitrary code execution
Description: A stack buffer overflow exists in the ntpq program. When the ntpq program is used to request peer information from a remote time server, a maliciously crafted response may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit: Apple.
Networking
CVE-ID: CVE-2008-3530
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: A remote user may be able to cause an unexpected system shutdown
Description: When IPv6 support is enabled, IPv6 nodes use ICMPv6 to report errors encountered while processing packets. An implementation issue in the handling of incoming ICMPv6 "Packet Too Big" messages may cause an unexpected system shutdown. This update addresses the issue through improved handling of ICMPv6 messages.
OpenSSL
CVE-ID: CVE-2008-5077
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: A man-in-the-middle attacker may be able to impersonate a trusted server or user in applications using OpenSSL for SSL certificate verification
Description: Several functions within the OpenSSL library incorrectly check the result value of the EVP_VerifyFinal function. A man-in-the-middle attacker may be able to impersonate a trusted server or user in applications using OpenSSL for SSL certificate verification for DSA and ECDSA keys. This update addresses the issue by properly checking the return value of the EVP_VerifyFinal function.
PHP
CVE-ID: CVE-2008-3659, CVE-2008-2829, CVE-2008-3660, CVE-2008-2666, CVE-2008-2371, CVE-2008-2665, CVE-2008-3658, CVE-2008-5557
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Multiple vulnerabilities in PHP 5.2.6
Description: PHP is updated to version 5.2.8 to address multiple vulnerabilities, the most serious of which may lead to arbitrary code execution. Further information is available via the PHP website at PHP: Hypertext Preprocessor (http://www.php.net/)
QuickDraw Manager
CVE-ID: CVE-2009-0160
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution
Description: A memory corruption issue exists in QuickDraw's handling of PICT images. Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of PICT images. Credit: Apple.
QuickDraw Manager
CVE-ID: CVE-2009-0010
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution
Description: An integer underflow in the handling of PICT images may result in a heap buffer overflow. Opening a maliciously crafted PICT file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of PICT images. Credit to Damian Put and Sebastian Apelt working with TippingPoint's Zero Day Initiative, and Chris Ries of Carnegie Mellon University Computing Services for reporting this issue.
ruby
CVE-ID: CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Multiple vulnerabilities in Ruby 1.8.6
Description: Multiple vulnerabilities exist in Ruby 1.8.6. This update addresses the issues by updating Ruby to version 1.8.6-p287. Further information is available via the Ruby web site at http://www.ruby-lang.org/en/security/
ruby
CVE-ID: CVE-2009-0161
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Ruby programs may accept revoked certificates
Description: An incomplete error check exists in Ruby's use of the OpenSSL library. The OpenSSL::OCSP Ruby module may interpret an invalid response as an OCSP validation of the certificate. This update addresses the issue through improved error checking while verifying OCSP responses.
Safari
CVE-ID: CVE-2009-0162
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Accessing a maliciously crafted "feed:" URL may lead to arbitrary code execution
Description: Multiple input validation issues exist in Safari's handling of "feed:" URLs. Accessing a maliciously crafted "feed:" URL may lead to the execution of arbitrary JavaScript. This update addresses the issues by performing additional validation of "feed:" URLs. These issues do not affect systems prior to Mac OS X v10.5. Credit to Billy Rios and Microsoft Vulnerability Research (MSVR), and Alfredo Melloni for reporting these issues.
Spotlight
CVE-ID: CVE-2009-0944
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues exist in the Mac OS X Microsoft Office Spotlight Importer. Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue by performing additional validation of Microsoft Office files.
system_cmds
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: The "login" command always runs the default shell with normal priority
Description: The "login" command starts an interactive shell after a local user is authenticated. The priority level for the interactive shell is reset to the system default, which can cause the shell to run with an unexpectedly high priority. This update addresses the issue by respecting the priority setting of the calling process if the caller is the superuser or the user who was successfully logged in.
telnet
CVE-ID: CVE-2009-0158
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Connecting to a TELNET server with a very long canonical name in its DNS address record may lead to an unexpected application termination or arbitrary code execution
Description: A stack buffer overflow exists in telnet command. Connecting to a TELNET server with a very long canonical name in its DNS address record may lead to an unexpected application termination or arbitrary code execution. This update addresses the issue through improved bounds checking. Credit: Apple.
WebKit
CVE-ID: CVE-2009-0945
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
Description: A memory corruption issue exists in WebKit's handling of SVGList objects. Visiting a maliciously crafted website may lead to arbitrary code execution. This update addresses the issue through improved bounds checking. For Mac OS X v10.4.11 and Mac OS X Server v10.4.11, updating to Safari 3.2.3 will address this issue. Credit to Nils working with TippingPoint's Zero Day Initiative for reporting this issue.
X11
CVE-ID: CVE-2006-0747, CVE-2007-2754
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Impact: Multiple vulnerabilities in FreeType v2.1.4
Description: Multiple vulnerabilities exist in FreeType v2.1.4, the most serious of which may lead to arbitrary code execution when processing a maliciously crafted font. This update addresses the issues by updating FreeType to version 2.3.8. Further information is available via the FreeType site at The FreeType Project (http://www.freetype.org/) The issues are already addressed in systems running Mac OS X v10.5.6.
X11
CVE-ID: CVE-2008-2383
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Displaying maliciously crafted data within an xterm terminal may lead to arbitrary code execution
Description: The xterm program supports a command sequence known as DECRQSS that can be used to return information about the current terminal. The information returned is sent as terminal input similar to keyboard input by a user. Within an xterm terminal, displaying maliciously crafted data containing such sequences may result in command injection. This update addresses the issue by performing additional validation of the output data. This issue does not affect systems prior to Mac OS X v10.5.
X11
CVE-ID: CVE-2008-1382, CVE-2009-0040
Available for: Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Multiple vulnerabilities in libpng version 1.2.26
Description: Multiple vulnerabilities exist in libpng version 1.2.26, the most serious of which may lead to arbitrary code execution. This update addresses the issues by updating libpng to version 1.2.35. Further information is available via the libpng website at libpng Home Page (http://www.libpng.org/pub/png/libpng.html) These issues do not affect systems prior to Mac OS X v10.5.
X11
CVE-ID: CVE-2009-0946
Available for: Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5 through v10.5.6, Mac OS X Server v10.5 through v10.5.6
Impact: Multiple vulnerabilities in FreeType v2.3.8
Description: Multiple integer overflows exist in FreeType v2.3.8, which may lead to an unexpected application termination or arbitrary code execution. This update addresses the issues through improved bounds checking. Credit to Tavis Ormandy of the Google Security Team for reporting these issues.
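The International Components for Unicode entry above (CVE-2009-0153) describes "over-consumption" of bytes after an invalid sequence. The following is an added illustration, not part of the original post and not ICU or Apple code: a toy decoder with that flaw, compared with Python's built-in UTF-8 decoder, on a constructed sample. All function names are hypothetical.

```python
# Added illustration: a toy model of the bug class, not ICU's implementation.
REPLACEMENT = "\ufffd"

# Constructed sample: 0xE0 announces a 3-byte sequence, but the next two
# bytes are plain ASCII ("<" and "b"), so the sequence is ill-formed.
SAMPLE = b"hi \xe0<b>there"


def announced_length(lead: int) -> int:
    """Length a UTF-8 lead byte announces; 0 if the byte cannot start a sequence."""
    if lead < 0x80:
        return 1
    if 0xC2 <= lead <= 0xDF:
        return 2
    if 0xE0 <= lead <= 0xEF:
        return 3
    if 0xF0 <= lead <= 0xF4:
        return 4
    return 0


def decode_overconsuming(data: bytes) -> str:
    """Flawed decoder: trusts the lead byte and swallows the announced number
    of bytes even when the following bytes are not continuation bytes."""
    out = []
    i = 0
    while i < len(data):
        n = announced_length(data[i])
        if n == 0:
            out.append(REPLACEMENT)
            i += 1
            continue
        chunk = data[i:i + n]
        try:
            out.append(chunk.decode("utf-8"))
        except UnicodeDecodeError:
            # The whole chunk, trailing ASCII included, collapses to one U+FFFD.
            out.append(REPLACEMENT)
        i += n  # flaw: skips bytes that were never validated
    return "".join(out)


def decode_strict_replace(data: bytes) -> str:
    """Python's decoder replaces only the invalid byte and resumes at the next one."""
    return data.decode("utf-8", errors="replace")


def filter_sees_tag(text: str) -> bool:
    """Stand-in for a markup filter that inspects decoded text."""
    return "<" in text


def accept_input(data: bytes):
    """Defensive handling: refuse ill-formed input instead of repairing it."""
    try:
        return data.decode("utf-8")  # strict mode raises on any invalid byte
    except UnicodeDecodeError:
        return None


if __name__ == "__main__":
    for name, decoder in (("over-consuming", decode_overconsuming),
                          ("strict/replace", decode_strict_replace)):
        text = decoder(SAMPLE)
        print(f"{name:15} {text!r:24} filter sees '<': {filter_sees_tag(text)}")
    print("accept_input(SAMPLE):", accept_input(SAMPLE))
```

The flawed decoder hides the "<" from anything that inspects its output, while a correct decoder reading the same bytes still sees it; rejecting ill-formed input, or emitting only the text that was actually inspected, removes the mismatch.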
Scallops
12th June 2009, 02:31 PM
Whilst the above post is very impressive, informative and no doubt "computer scientist" accurate :D , I think it is somewhat disingenuous to suggest that Macs get viruses. Well - they do get viruses - they just don't affect them like they do a PC.
Since I unplugged my ever plagued Malware/Virus/Trojan ridden PC and switched to an iMac, I haven't needed to spend time conducting endless scans and updates with Spybot or Nortons. My computer may get viruses/trojans/whatever and pass them on via emails etc, but they don't affect me. The Mac keeps working, it doesn't slow down, it doesn't suddenly not backup to my Maxtor external drive - these are all things I used to be put through.
I think if the original poster tried a Mac for a time, his/her conclusion would be that no, Macs don't get viruses!
To a layman like me - it's chalk and cheese. :)
D3Jon
12th June 2009, 02:58 PM
From this Sophos web site: First ever virus for Mac OS X discovered (http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html)
Mac virus timeline:
1982 (http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html)
15-year-old student Rich Skrenta wrote the Elk Cloner virus, capable of infecting the boot sector of Apple II computers, predating viruses for IBM PCs by some years.
1987 (http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html)
The nVIR (http://www.sophos.com/security/analyses/viruses-and-spyware/macnvira.html) virus began to infect Macs, spreading mainly by floppy disk. Source code was later made available, causing a rash of variants.
1988 (http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html)
HyperCard viruses emerged that could run on versions of Apple's Mac OS 9. One version showed the message "Dukakis for President" before self-destructing.
1990 (http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html)
The MDEF (http://www.sophos.com/security/analyses/viruses-and-spyware/macmdefa.html) virus (aka Garfield) emerged, infecting application and system files on the Mac.
1995 (http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html)
Microsoft accidentally shipped the first ever Word macro virus, Concept (http://www.sophos.com/security/analyses/viruses-and-spyware/wmconcept.html), on CD ROM. It infected both Macs and PCs. Thousands of macro viruses followed, many affecting Microsoft Office for Mac.
1996 (http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html)
Laroux (http://www.sophos.com/security/analyses/viruses-and-spyware/xm97larouxa.html), the first Excel virus, was released. Mac users were unaffected until the release of Excel 98 meant Macs could become infected.
1998 (http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html)
Sevendust (http://www.sophos.com/security/analyses/viruses-and-spyware/macsevendusta.html), also known as 666, infected applications on Apple Mac computers.
2004 (http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html)
The Renepo script worm attempted to disable Mac OS X security (http://www.sophos.com/pressoffice/news/articles/2004/10/va_renepo.html), downloaded hacking tools to affected computers, and gave criminals admin rights to the Apple Macintosh.
Hackers also wrote a proof-of-concept program called Amphimix (http://www.sophos.com/pressoffice/news/articles/2004/04/va_macmp3.html) which demonstrated how executable code could be disguised as an MP3 music file on an Apple Mac.
2006 (http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html)
Leap-A (http://www.sophos.com/security/analyses/viruses-and-spyware/osxleapa.html), the first ever virus for Mac OS X was discovered. Leap-A can spread via iChat.
The Inqtana (http://www.sophos.com/security/analyses/viruses-and-spyware/osxinqtanaa.html) worm and proof-of-concept virus soon followed.
2007 (http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html)
Sophos discovered an OpenOffice multi-platform macro worm capable of running on Windows, Linux and Mac computers. The BadBunny (http://www.sophos.com/pressoffice/news/articles/2007/05/badbunny.html) worm dropped Ruby script viruses on Mac OS X systems, and displayed an indecent JPEG image of a man wearing a rabbit costume.
Sophos reported the first financial malware for Mac (http://www.sophos.com/pressoffice/news/articles/2007/11/mac-osx-trojan.html). The gang developed both Windows and Mac versions of their malware.
2008 (http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html)
Cybercriminals targeted Mac and PC users in equal measure, by planting poisoned adverts on TV-related websites (http://www.sophos.com/pressoffice/news/articles/2008/02/poisoned-adverts.html). If accessed via an Apple Mac, surfers would be attacked by a piece of Macintosh scareware called MacSweeper (http://www.sophos.com/security/analyses/adware-and-puas/macsweeper.html).
In June, the OSX/Hovdy-A Trojan horse (http://www.sophos.com/pressoffice/news/articles/2008/06/machovdyA.html) was discovered that could steal passwords from Mac OS X users, open the firewall to give access to hackers, and disable security settings.
Troj/RKOSX-A (http://www.sophos.com/security/analyses/viruses-and-spyware/trojrkosxa.html) was discovered - a Mac OS X tool to assist hackers create backdoor Trojans, which can give them access and control over your Apple Mac computer.
In November, Sophos warned of the Jahlav Trojan (http://www.sophos.com/blogs/gc/g/2008/11/27/more-mac-os-x-malware-discovered/), and Apple issued a support advisory (http://support.apple.com/kb/HT2550?viewlocale=en_US) urging customers to run anti-virus software.
2009 (http://www.sophos.com/pressoffice/news/articles/2006/02/macosxleap.html)
In January 2009, hackers began to distribute the OSX/iWorkS-A Trojan horse via BitTorrent inside pirated versions (http://www.sophos.com/blogs/gc/g/2009/01/22/reports-mac-trojan-horse-pirated-version-iwork-09/) of Apple's iWork '09 software suite.
In the same month, a new variant (http://www.sophos.com/blogs/gc/g/2009/01/26/reports-mac-trojan-pirated-adobe-photoshop-cs4/) of the Trojan was distributed in a pirated version of Adobe Photoshop CS4.
In March, Sophos reported on how hackers were planting versions of the RSPlug Trojan horse on websites, posing as an HDTV program called MacCinema. View a video of this attack here. (http://www.sophos.com/blogs/gc/g/2009/03/25/apple-mac-malware-caught-camera/)
Jon
Scallops
12th June 2009, 04:38 PM
So what? We still don't need to do anything about it.
Captain_Rightfoot
12th June 2009, 05:56 PM
I'm sorry, but downloading and installing a pirated copy of iWork does NOT constitute a virus.
A definition from Wiki.
"A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability."
They neglected to say that a computer virus was where a user illegally downloads a program, extracts it, installs it by using its system password. The infected computer is not able to spread and infect others. That's just stupid and not a virus.
I could put my computer under my landrover and drive over it. That is just stupid and not a virus either.
Anyway, to Auscerts. I get the list at work too. I can't remember the counts but I think it was roughly 23 pages of windows viruses and vulnerabilities, and then 4/5 that affected other systems. Occasionally there would be a mac one that Apple would patch. These are technical vulnerabilities that are found by people and companies who profit from finding vulnerabilities. These are not necessarily a virus.
Sorry, try again :)
I work on a pc all day and the stupid virus checker absolutely nobbles the thing. I move large files around and in windows defence it can handle that and do other things.. then the virus checker starts and the pc is history until it's finished. Because it's so easy to inadvertently infect the things it's locked on by group policy so sometimes I lose hours...
And then I come home and use a computer that has no virus checker and just the factory firewall and it flies. It is only ever rebooted at patch time. :)
JDNSW
12th June 2009, 08:16 PM
I'm sorry, but downloading and installing a pirated copy of iWork does NOT constitute a virus.
A definition from Wiki.
"A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability."
They neglected to say that a computer virus was where a user illegally downloads a program, extracts it, installs it by using its system password. The infected computer is not able to spread and infect others. That's just stupid and not a virus.
I could put my computer under my landrover and drive over it. That is just stupid and not a virus either.
Anyway, to Auscerts. I get the list at work too. I can't remember the counts but I think it was roughly 23 pages of windows viruses and vulnerabilities, and then 4/5 that affected other systems. Occasionally there would be a mac one that Apple would patch. These are technical vulnerabilities that are found by people and companies who profit from finding vulnerabilities. These are not necessarily a virus.
Sorry, try again :)
I work on a pc all day and the stupid virus checker absolutely nobbles the thing. I move large files around and in windows defence it can handle that and do other things.. then the virus checker starts and the pc is history until it's finished. Because it's so easy to inadvertently infect the things it's locked on by group policy so sometimes I lose hours...
And then I come home and use a computer that has no virus checker and just the factory firewall and it flies. It is only ever rebooted at patch time. :)
I refer again to my post #4 in this thread. After reading the entire thread, I think that post was an accurate statement of the situation.
And please note, I do not use a Mac, nor am I a particular fan of them.
John
Scallops
12th June 2009, 08:52 PM
I refer again to my post #4 in this thread. After reading the entire thread, I think that post was an accurate statement of the situation.
And please note, I do not use a Mac, nor am I a particular fan of them.
John
Yes - you succinctly answered the question right there in post #4. And, as I said in my answer - if the person asking this question were to use a Mac for a while he/she would likely come to the conclusion that no, Macs don't get viruses.
dmdigital
12th June 2009, 09:59 PM
Any computer can get a virus. The Mac OS is a UNIX based system and in basic terms is far less able to pick up a virus from web browsing or email scripts due to the security model.
The other thing is most viruses target Windows systems.
It is a bit of a stretch to say that Apple Computers cannot get viruses.
But in practical terms it is pretty accurate. Along with other unix-like systems (linux, BSD, solaris etc) it is inherently a lot more resistant to viruses than Windows. Add to that the fact that in combination with this the relatively small number of Apples makes it almost impossible for a virus infection to spread. A telling fact is that as far as I know all Apple anti-virus programs are intended, not to protect the Apple, but to prevent them from passing on Windows viruses.
While it is extremely unlikely that your Apple will ever get a virus that affects it, a Windows virus may well arrive on an email you get or something you download, and although it does not infect your computer, may well be stored unchanged and sent on to someone with a Windows computer, for example as an email attachment.
Without exception, viruses that are circulating "in the wild" affect only Windows computers, and this is likely, but not absolutely certain, to continue in the future.
Note however, that your Apple can be infected by other things that are not strictly viruses, but can affect programs that run above the O/S, such as Word macro viruses, but this only affects the particular program (and the documents it produces!)
John
Just so no-one has to back track in this thread. What I said in post #2 and what John said in post #4.
There is only one answer to this, if someone with enough knowledge of how to circumvent security flaws in a given OS wants to write a viral application for a given OS, regardless of the platform, it can be done. Regardless of whether it's an Apple, Windows, VMS, RSTS, CP/M, OS2, MUMPS, PICK, UNIX, WICAT, DOS or something else I never worked with (like IBM stuff:)).
End of story!
Captain_Rightfoot
13th June 2009, 08:04 AM
I refer again to my post #4 in this thread. After reading the entire thread, I think that post was an accurate statement of the situation.
And please note, I do not use a Mac, nor am I a particular fan of them.
John
I agree John.. you did put it well and I appreciate your objectivity. I thanked you for it at the time too.
Maybe we should simplify this to fairly indisputable facts.
Can macs get viruses - YES
Do macs get viruses - NO
Are there any known viruses for current versions of OS X - NO
Does that make the PC only crowd happy? :)
mjm295
13th June 2009, 10:16 AM
Can macs get viruses - YES
Do macs get viruses - NO
Are there any known viruses for current versions of OS X - NO
They have Malware/Trojan problems
BBC NEWS | Technology | Experts warn of porn Mac attacks (http://news.bbc.co.uk/1/hi/technology/8096822.stm)
incisor
13th June 2009, 11:00 AM
any operating system can get trojans/malware of the type that require
"Users logging on to these sites are asked to download a "missing Video ActiveX Object" but are sent a virus payload instead."
because you are actually installing a script or program that doesn't do what they conned you into believing it did...
that is vastly different to it happening without user intervention.. which is what is being discussed
so to simplify this type of event we could ask
can apple users be conned into installing programs that steal your information the same as windows users can be - YES
Delta_Farce
13th June 2009, 07:02 PM
I'm sorry, but downloading and installing a pirated copy of iWork does NOT constitute a virus.
A definition from Wiki.
"A computer virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the owner. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability."
They neglected to say that a computer virus was where a user illegally downloads a program, extracts it, installs it by using its system password. The infected computer is not able to spread and infect others. That's just stupid and not a virus.
I could put my computer under my landrover and drive over it. That is just stupid and not a virus either.
Anyway, to Auscerts. I get the list at work too. I can't remember the counts but I think it was roughly 23 pages of windows viruses and vulnerabilities, and then 4/5 that affected other systems. Occasionally there would be a mac one that Apple would patch. These are technical vulnerabilities that are found by people and companies who profit from finding vulnerabilities. These are not necessarily a virus.
Sorry, try again :)
I work on a pc all day and the stupid virus checker absolutely nobbles the thing. I move large files around and in windows defence it can handle that and do other things.. then the virus checker starts and the pc is history until it's finished. Because it's so easy to inadvertently infect the things it's locked on by group policy so sometimes I lose hours...
And then I come home and use a computer that has no virus checker and just the factory firewall and it flies. It is only ever rebooted at patch time. :)
So viruses are not exploits of vulnerabilities then? Exploits are only found by people paid to find them?
Good call.
Don't be so naive about Apple's security patching either.
Apple Java Exploit - Not patched or addressed for 5 Months (http://blogs.pcmag.com/securitywatch/2009/05/java_exploit_released_to_press.php)
Thinking you're impervious to virus, trojan, or any other kind of malware is a dangerous thing.
JDNSW
13th June 2009, 07:29 PM
So viruses are not exploits of vulnerabilities then? Exploits are only found by people paid to find them?
Good call.
Don't be so naive about Apple's security patching either.
Apple Java Exploit - Not patched or addressed for 5 Months (http://blogs.pcmag.com/securitywatch/2009/05/java_exploit_released_to_press.php)
Thinking you're impervious to virus, trojan, or any other kind of malware is a dangerous thing.
The fact remains that millions of people round the world continue to use Macs with no virus checker - and yet they continue to do so without the viruses that you could almost guarantee to get within hours using Windows. As I said above - they are not impervious to viruses, just that for practical purposes you are very unlikely to have problems from them. Just because there are vulnerabilities that have not been patched does not mean they are a probable problem - just a possible one.
Other types of malware - yes. But almost all of them require you to do something at least a little silly to have problems. And no technical solution will stop people from being silly, no matter what sort of computer they have.
John
Captain_Rightfoot
13th June 2009, 09:46 PM
So viruses are not exploits of vulnerabilities then? Exploits are only found by people paid to find them?
Good call.
Don't be so naive about Apple's security patching either.
Apple Java Exploit - Not patched or addressed for 5 Months (http://blogs.pcmag.com/securitywatch/2009/05/java_exploit_released_to_press.php)
Thinking you're impervious to virus, trojan, or any other kind of malware is a dangerous thing.
AusCerts and the likes are mostly found by Grey Hats. That's the whole idea of these things... the grey hats advise manufacturers and they usually patch them and then the manufacturers advise the likes of Auscerts.
There most certainly can be a known vulnerability without a virus or any other form of exploit taking place. As you've pointed out that vulnerability was released to pressure Sun (and Apple) to fix it.
Most vulnerabilities (including Windows ones) are notified and fixed before any harm comes.
Bigmark
13th June 2009, 10:42 PM
Well I went from dealing with viruses, trojans - removing and protecting against them on a Windows system for years - to not one problem (NOT 1) in 4 years on my beautiful looking and performing Mac.
No more headaches with viruses or patches or crashes or drivers or rebooting or re-installing or registering or activation or annoying messages.
Ferret
13th June 2009, 10:59 PM
I'm sorry, but as downloading and installing a pirated copy of iWork does NOT constitute a virus. .... Sorry, try again :)
I never said nor implied downloading or installing warez constitutes a virus. I think from the particular post it was pretty clear I was referring to a trojan for Macs and what I said in relation to that trojan was:
Nah, it's not a virus in the strict sense of the word but does it matter how your banking details get stolen?
Captain_Rightfoot
14th June 2009, 07:27 AM
I never said nor implied downloading or installing warez constitutes a virus. I think from the particular post it was pretty clear I was referring to a trojan for Macs and what I said in relation to that trojan was:
Sorry.. I must have missed that :)