Is Windows more secure than Mac?

I always loved Apple commercials for the Mac, it was always fun to see the new jab they would take a Microsoft.  I specifically got a chuckle out of the claims the Mac is so super secure and Windows was plagued with security issues.

In reality though, Mac OS has more vulnerabilities on a month to month basis than Microsoft Windows.  I brought up this in a previous post Apple Joins the Army and referenced an article with the exact statistics.  If I remember correctly, the average monthly vulnerabilities on the Mac platform was five times higher than Microsoft Windows.

I was reading this article today about Marc Maiffret, an ex-hacker who turned professional.  Featured in People Magazine’s 30 People under 30, he is definitely someone to listen to.  I immediately thought of Kevin Mitnick but that’s another story.  Marc is a co-founder for eEye Digital Security and now works as Chief Security Architect at FireEye.

He goes on to mention that he believes Microsoft does a better job auditing their code than Apple.  I would take this further in the fact many Mac users do not take security serious and many do not run any third party security products.  Until recently, many security vendors did not create products for Mac OS.  Apple commercials would you lead you to believe the Mac is super security and not vulnerable to hackers, viruses, and other forms of malicious software.

Apple has two things in their favor regarding security.  Mac OS is based on Unix, and inherits a lot of security developed over the many years.  The second reason I think is more significant, no one used to care about hacking the Mac OS outside of academic reasons.  As of December 2009, Microsoft Windows had over 92% market share compared to Mac OS at just over 5%.  Hacks built for the Windows OS can reach a larger user base and yield an exponentially higher ROI to hackers.

Although I am a big fan of Firefox (albeit far from perfect) Microsoft made impressive improvements with the security of Internet Explorer.  Ever since Bill Gates released his Trustworthy Computing memo in January 2002, Microsoft has shown significant attention to security.

20 Zero Day Security Holes in Mac OS X to be Revealed

Famous Apple security expert Charlie Miller is preparing to announce 20+ new Zero Day security holes in Mac OS X at CanSecWest.  Charlie says “OS X has a large attack surface consisting of open source components, closed source third-party components and closed source Apple components; bugs in any of these types of components can lead to remote compromise.”   He further explains “Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town.”  As I have been saying for years, Apple users are currently safer only because hackers see a larger ROI (return on investment) attacking Microsoft Windows based machines.

I have been noticing Apple Mac users more frequently requesting and installing third party anti-virus protection software than in previous years.   More key players in the anti-virus industry are releasing their flagship security products for the Mac OS.   When the Mac OS becomes a key target to hackers the damage caused will be quite significant due to most Apple users not installing third party security software solutions and the general mindset that the Mac OS is secure from hackers and exploits.