Every few months, the computer-using community and the media — electronic and print — get in a huff and publicize the latest cases of Apple’s OS vulnerabilities. It’s that time again.

Apple’s most recent “wake-up call” came last week, as Southern California security expert Tom Ferris and a SANS Institute report released yesterday reported seven new vulnerabilities. Experts again warned that Apple’s iconic status, its growing market share and adoption of the same microprocessors used in machines running Windows are making Macs more vulnerable to virus attacks.

SANS Institute’s report listed eight major trends affecting computer network security, including the “rapid growth in critical vulnerabilities” in Mac OS/X, Apple’s operating system (OS), long considered safer from hacker attacks than Windows, the report said.

“Mac’s OS/X operating system is no longer the ‘bulletproof alternative’ to Windows.”

Of course, it never was.

According to the report, some users of the Apple Safari browser have inadvertently visited Web sites that prompted their computers to automatically download and execute malicious files. Ferris said nasty Web sites can exploit the holes without a user’s knowledge, potentially allowing a criminal to execute code remotely and gain access to passwords and other sensitive information.

One of the biggest shocks that the Mac community had after Steve Jobs announced the migration toward Intel processors might have been the news of the recently appeared viruses conceived especially for Mac OS X and the fact that the operating system, considered invulnerable not so long ago, wouldn’t be spared by security holes anymore.

In February, Sophos and other antivirus producers discovered the first virus. Things continue to get worse with Ferris’ discovery of yet another seven new vulnerabilities that affect Mac OS X 10.4 and the Safari browser. According to science and tech Web site Playfuls.com, “They were all ranked by Secunia as ‘highly critical,’ and that is how the question, ‘Are Macs as secure as they used to be or are they beginning to become as vulnerable as Microsoft?’ arose.”

In an article published by the Associated Press last weekend, Ferris proposed a parallel between Microsoft and Apple, as the Cupertino-based company reacts rather slowly when it comes to issuing updates for their vulnerabilities.

It’s true, says Playfuls.com, a virus and six security vulnerabilities should not go ignored, yet “from that to actually drawing the conclusion that Macs aren’t anymore what they used to be when it comes to security — there’s quite a long way.”

Macs never were immune to viruses, but they never were open to the same high number of viruses as their Windows counterparts, either. Echoes perhaps the most telling comment from Rohit Dhamankar, editor of @RISK, a SANS Institute newsletter: “Although OS/X still remains safer than Windows, it’s certainly not a bulletproof alternative to Windows.”

The report also found that Windows has actually fared better during the past few months.

“In 2003, 2004 and even 2005, we saw a lot of flaws in Windows Services, which led to various worms like Blaster. We haven’t seen those flaws emerge over the past six months in Windows,” Dhamankar said.

But SANS Institute said Microsoft browser Internet Explorer continued to be vulnerable to attacks. The information security institute also said other browsers, like Firefox and Mozilla, which are growing more popular, have become more vulnerable, as well.

Ferris claims he warned Apple of the vulnerabilities in January and February and that the company has yet to patch the holes.

But security is very important to Apple. After all, it is one of the key perceived differences between OS X and Windows, the latter of which is constantly battling viruses, worms and spyware (except “over the past six months,” if we are to believe Dhamankar). Apple spokeswoman Natalie Kerris disagreed that the vulnerabilities make it possible for a criminal to run code on a targeted machine. She said the company plans to patch the holes reported by Ferris in the next automatic update of Mac OS X and that there have been no reports of them being exploited.

Basically, the new report — gaining a great deal of publicity and causing quite a bit of market enthusiasm — makes known what essentially should be common sense: No operating system is totally, completely, invincibly invulnerable and safe to attacks.

Has Apple’s Mac reached the level of Microsoft Windows’ insecurity?

Aptly noted one commenter to a MacNN post on the topic back in February: “No OS is 100% safe. But I don’t remember the Mac virus that took down half the internet. Oh yeah, there wasn’t one.”

What do you think, dear readers? The usual FUD or valid trepidation? Does your business have proper computer security for either operating system?

References

Macs no longer immune to viruses, experts say
The Associated Press, April 30, 2006

Are Macs Really Threatened By Viruses And Hackers?
by Playfuls Team
Playfuls.com, May 1, 2006

Mac OS X more vulnerable than WinXP
Comment posted by SteveTech
MacNN, Feb. 28, 2006

Additional

THE BIG PICTURE: Windows worms knocking out computers
CNET

See also:
Protect Your Customers’ Data, Thus Protect Your Biz.