For Apple lovers, the Mac OS and Apple device’s underdog status long served as a hardy defense against criminal exploits. But with 54 new fixes in Apple’s latest security update, those days are officially over.
Though still an underdog, here’s insight into why criminals are taking an interest in Apple. Consider the company’s 2010 Sales data (Fiscal year ended Sept 25th 2010) results, and it is easy to see why criminal interest is perking up.
In just the past three years, Apple has sold 33.7 million computers, 72.5 million iPhones, and iPad sales are soaring. Add to that the over 350 thousand applications in the Apple App store and the potential for exploitation becomes even more interesting. (To learn more about threats to the iPhone see Researcher warns of risks from rogue iPhone apps).
To address the risking exploit risks, Apple changed their practices with regard to unreleased software[v] earlier this month. They are now sharing advanced copies of their next OS (called Lion) with security researchers, not just with developers.
ZDNet reported today that Apple has shipped another Mac OS X mega-update with fixes for 54 security vulnerabilities, including one that was used to hijack an iPhone 4 device at this year’s CanSecWest Pwn2Own hacker challenge. (See my blog Hacker Conference Focused on Web Browsers and Mobile Devices: Who Was Hacked and Who Withstood, and does it Matter? for more information.)
The ZDNet goes on to say that the new Mac OS X v10.6.7 should be treated as a high-priority update, noting that it also fixes numerous issues that could allow remote code execution attacks via rigged image or font files.
Complacency kills computers. Make sure your devices are updated and fully protected today.