Apple Mac OS X has a lot more vulnerabilities than Windows XP?

“In yesterday’s article ‘Is Mac OS as safe as ever,’ Joris Evers poses the age old question if Mac OS security is myth or reality. I decided to settle this once and for all with some hard numbers from the independent security research group Secunia along with the number of CVE issues for Microsoft Windows XP and Mac OS X within the last two years,” George Ou blogs for ZDNet.

Ou presents a chart showing Mac OS X with far more vulnerabilities than Windows XP.

“The data is clear, and Apple has a lot more vulnerabilities of every kind ranging from moderately critical to extremely critical. While Windows had some months with more security disclosures, they are more spread out while Apple tends to release mega-advisories with dozens of vulnerabilities at a time. There were seven months where Apple disclosed more a dozen or more highly critical vulnerabilities and August 2005 saw nearly three dozen of them. One of the most severe zero day exploits for Mac OS X disclosed this month with a working proof-of-concept has yet to be patched so we’ll have to wait and see how long it takes Apple to release a patch,” Ou writes. “Microsoft on the other hand seems to let some moderately critical and even one highly critical vulnerability go unpatched for more than a year. I’ve hammered Microsoft for this issue in the past and Microsoft has responded to me that they are clarifying some of these issues with Secunia because some of the unpatched vulnerabilities may be moot. I’m still waiting for Microsoft’s detailed explanation on these unpatched vulnerabilities.”

Full article here.

MacDailyNews Take: Ou’s is a meaningless exercise. In the past five years and counting, zero Macs — out of tens of millions — have been infected with a virus. Clearly, Windows XP cannot match that record.

MacBook Pro. The first Mac notebook built upon Intel Core Duo with iLife ’06, Front Row and built-in iSight. Starting at $1999. Free shipping.
iMac. Twice as amazing — Intel Core Duo, iLife ’06, Front Row media experience, Apple Remote, built-in iSight. Starting at $1299. Free shipping.
iMac and MacBook Pro owners: Apple USB Modem. Easily connect to the Internet using dial-up service. Only $49.
iPod Radio Remote. Listen to FM radio on your iPod and control everything with a convenient wired remote. Just $49.
iPod. 15,000 songs. 25,000 photos. 150 hours of video. The new iPod. 30GB and 60GB models start at just $299. Free shipping.
Connect iPod to your television set with the iPod AV Cable. Just $19.

Related MacDailyNews articles:
Enderle: Security vendors see Apple as next big opportunity – February 28, 2006
As Apple Mac grows in popularity, will security issues increase? – February 27, 2006
The Idiot’s Guide to Mac Viruses For Dummies 101 – February 24, 2006
Wired News: ‘Mac attack a load of crap’ – February 22, 2006
Report: Apple developing fix for automatic execution of shell scripts – February 21, 2006
Ars Technica: Fears over new Mac OS X ‘Leap-A’ trojan pointless – February 20, 2006
Atlanta Journal-Constitution asks: Is ‘Mac virus’ all just propaganda from Mac haters? – February 20, 2006


  1. Virus writers are egomaniacs. They operate for bragging rights, not for monetary gain.

    A lot of PC zealots hate Mac users. They are smug. Many of those same people write viruses.

    Based on this logic, why haven’t we seen the virus writers take the smug Mac users down a notch? Could it be because it’s not because of this so-called security through obscurity myth?

  2. Stats:

    Windows XP Pro: 130 Total; 28 Unpatched
    Mac OS X: 65 Total; 3 Unpatched
    Debian Unstable: 632 Total; 1 Unpatched

    Does the number of total vulnerabilities matter? NO! It’s the amount UNPATCHED! Every system is going to have vulnerabilities if it’s going to be connected to the Internet. Windows has far more unpatched than the other 2 in my example. It’s attacked because of unpatched holes, not because of their market share.

    Apple computers COULD be attacked, but the fact that they don’t run as admin like Windows, makes making system changes that much harder. And of course, there is no patch for human stupidity.

  3. Pure FUD.

    They are clearly referencing (but not directly, of course) a discredited method of counting up malware vulnerabilities. Most of us know of the report within the last year where it claimed the Mac OS had more vulnerabilities that Windows. However, there was a LOT of double and triple (and worse) counting of vulnerabilities in that report — and many of the vulnerabilities were with third pary software and not with the Mac OS or Apple’s software.

    Sometimes I wish I had the time and money to go to each one of the idiot authors and hit them with a tazer for every one of these articles they write.

    MDN Magic Word: must
    I *must* control the urge to strangle these guys.

  4. “I’ve hammered Microsoft for this issue in the past and Microsoft has responded to me that they are clarifying some of these issues…”


    I’ve hammered Billy and Monkeyboy with some greasy butt lovin’ until the synapses responded with a fiery bang!

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.