Mac Attack

Firm Still Worked Up About Apple’s ‘Really Vulnerable’ OS [Updated]

Also, brace for iOS malware.
sad mac Firm Still Worked Up About Apples Really Vulnerable OS [Updated]

He doesn't feel so good. (Wikimedia Commons)

Here’s an interesting little news item: The firm that’s been on Apple’s back about the increasing threat of malware and other digital nasties to the Mac OS claims to have been “invited” to help the company improve its security. (No wonder they’ve been harping so hard on Mac vulnerabilities.)

Kaspersky Lab (which makes antivirus software) was all over the Mac Flashback botnet, tracking its rise and releasing the first removal tool, then treating the whole thing as an argument for, you guessed it, antivirus software. Now CTO Nikolai Grebenniko has dished to Computing, calling the Mac operating system “really vulnerable” and announcing that “and Apple recently invited us to improve its security. We’ve begun an analysis of its vulnerabilities, and the malware targeting it.”

He also predicts there’ll be iOS-targeted malware in “the next year or so.” 

As Computing points out, Kaspersky has quite clearly been gunning for exactly this type of arrangement:

This appears to be the successful culmination of a long-term Kaspersky strategy to work with Apple. A year ago, Grebennikov told Computing that Apple could not hope to keep its mobile platform iOS locked down without outside expertise.

But he’s maybe a little harsh on a company that is, ostensibly, a partner:

Our first investigations show Apple doesn’t pay enough attention to security. For example, Oracle closed a vulnerability in Java, which was a target for a major botnet several months ago…. Apple blocked Oracle from updating Java on Mac OS, and they perform all the udpates themselves. They only released the patch a few weeks ago – two or three months after the Oracle patch. That’s far too long.

In-person meetings must be really awkward.

UPDATED: 

Since this story went live, Kapersky Labs has clarified all that business about being “invited” to give Apple an assist on the security front. Computing has updated the original article:

Grebennikov originally stated that Apple had invited Kaspersky Lab to work with the company on improving its security, but has since issued a clarification. The company has now said that its analysis of OS X was “conducted independently” but that “Apple is open to collaborating with [Kaspersky] regarding new OS X vulnerabilities.”

In Computing‘s original interview, Grebennikov was asked three times if Apple had requested Kaspersky Lab’s assistance.

Someone please just tell us whether our beloved MacBook Air is safe.

 

Follow Kelly Faircloth on Twitter or via RSS. kfaircloth@observer.com