Is Windows more secure than Mac?

I always loved Apple commercials for the Mac, it was always fun to see the new jab they would take a Microsoft.  I specifically got a chuckle out of the claims the Mac is so super secure and Windows was plagued with security issues.

In reality though, Mac OS has more vulnerabilities on a month to month basis than Microsoft Windows.  I brought up this in a previous post Apple Joins the Army and referenced an article with the exact statistics.  If I remember correctly, the average monthly vulnerabilities on the Mac platform was five times higher than Microsoft Windows.

I was reading this article today about Marc Maiffret, an ex-hacker who turned professional.  Featured in People Magazine’s 30 People under 30, he is definitely someone to listen to.  I immediately thought of Kevin Mitnick but that’s another story.  Marc is a co-founder for eEye Digital Security and now works as Chief Security Architect at FireEye.

He goes on to mention that he believes Microsoft does a better job auditing their code than Apple.  I would take this further in the fact many Mac users do not take security serious and many do not run any third party security products.  Until recently, many security vendors did not create products for Mac OS.  Apple commercials would you lead you to believe the Mac is super security and not vulnerable to hackers, viruses, and other forms of malicious software.

Apple has two things in their favor regarding security.  Mac OS is based on Unix, and inherits a lot of security developed over the many years.  The second reason I think is more significant, no one used to care about hacking the Mac OS outside of academic reasons.  As of December 2009, Microsoft Windows had over 92% market share compared to Mac OS at just over 5%.  Hacks built for the Windows OS can reach a larger user base and yield an exponentially higher ROI to hackers.

Although I am a big fan of Firefox (albeit far from perfect) Microsoft made impressive improvements with the security of Internet Explorer.  Ever since Bill Gates released his Trustworthy Computing memo in January 2002, Microsoft has shown significant attention to security.

Published by

Christopher

Principal Consultant at Lexan Systems L.L.C.