Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X

“I would like to discuss some important issues regarding Mac OS X and security. Let’s start with the hot-button issue of Mac OS X viruses. Simply put, at the time of writing this article, there are no file-infecting viruses that can infect Mac OS X. I see some of you raising a hand or two, wanting to ask me some ‘but, what about…’ types of questions. Indeed, in February of this year, when OSX.Leap.A was discovered the news headlines declared that it was the “First ever first ever virus for Mac OS X!” Long before the digital ink dried on those simplistic and sensational headlines our Security Response team had determined that OSX.Leap.A was a worm, and not a file-infecting virus. Our Security Response Web site explains the differences between viruses and worms. Basically, viruses are designed to infect files within a single computer, while worms are designed to spread from one computer to another,” Todd Woodward, Security Response Researcher, Symantec Corp., writes.

“Before you think that this is starting to look like an advocacy piece for Mac OS X, please remember that Mac OS X has been tested by worms, Trojan horses, rootkits, and other various security vulnerabilities. Most recently, in the wake of Apple releasing Mac OS X and Mac OS X Server 10.4.7 updates, Symantec released a high severity advisory through our DeepSight Threat Management System for all versions of Mac OS X 10.4.x prior to 10.4.7. Shortly thereafter, proof of concept code was released publicly which triggered a Category 1 threat advisory for OSX.Exploit.Launchd,” Woodward writes.

Woodward writes, “From the 30,000 foot viewpoint of the current security landscape, these Mac OS X security threats are almost completely lost in the shadows cast by the rocky security mountains of other platforms. However, no operating system is without imperfections, and no computer connected to the Internet will ever be 100% immune from attack. As Apple Computer points out: ‘A Mac running with factory settings will protect you from viruses much better than a PC, but it’s never a bad idea to run extra virus and security software.'”

Woodward, “As I tell my internal and external customers alike, just because there are no file-infecting viruses that can affect Mac OS X now, that doesn’t mean there won’t be a really nasty one released in the next five minutes. The likelihood of that happening is comparatively low and could be debated ad nauseam, but as Benjamin Franklin said: ‘A little neglect may breed great mischief: for want of a nail the shoe was lost; for want of a shoe the horse was lost; and for want of a horse the rider was lost.'”

Full article here.

[Todd Woodward is based in Springfield, Oregon, and plays a leading role at Symantec in facilitating the secure growth of the Macintosh platform in the SMB and Enterprise markets. He has 15 years experience in the telecommunications industry and was a pioneer in the field of Consumer Health Informatics. Prior to joining Symantec, Todd worked in Apple Computer’s professional support operations, and has been extensively heralding the innovative uses of Mac OS X in Internet data centers and Enterprises since Mac OS X Server 1.x was released in 1999.]

MacDailyNews Take: Excellent article. Following in Sophos’ “you catch more flies with honey than with vinegar” footsteps, eh, Symantec? If so, smart PR move; keep it up. Regardless of the reason(s), more of this level-headed and factually-based information from Symantec would definitely be welcomed.

Now if Symantec could just somehow get certain so-called “tech journalists” to also convey the facts, too, by giving carefully-constructed and considered quotes to the media, we’d really be cooking with gas. It’s probably just a dream, though, as writers with an agenda can always twist a quote to suit their needs. Still, we can hope.

Related articles:
Sophos: Apple Mac OS X’s security record unscathed; Windows Vista malware just a matter of time – July 07, 2006
Sophos Security: Dump Windows, Get a Mac – July 05, 2006
Security company Sophos: Apple Mac the best route for security for the masses – December 06, 2005

Symantec warns of new proof-of-concept ‘trojan horse’ for Mac OS X 10.4.6 – June 30, 2006
Apple: ‘Get a Mac. Say ‘Buh-Bye’ to viruses’ – June 01, 2006
Apple releases Mac OS X 10.4.7 Update – June 27, 2006
Apple Macs and viruses: Fact vs. FUD – May 26, 2006
Symantec Antivirus software flaw allows hackers to seize control of PCs without user interaction – May 25, 2006
‘Mac security’ garbage reports continue to proliferate – May 10, 2006
ZDNet: Reduce OS X security threats – ignore security software – May 05, 2006
McAfee announces virus protection for Intel-based Apple Macs – May 05, 2006
BusinessWeek: New Apple Mac ads stir up Mac security overreaction – May 04, 2006
Unix expert: Mac OS X much more secure than Windows; recent Mac OS X security stories are media hype – May 03, 2006
Macs and viruses: the true story – May 02, 2006
Anti-Mac FUD machine shifts into overdrive – May 01, 2006
FUD Alert: Viruses don’t catch up to the Mac – May 01, 2006
BusinessWeek: Apple should hire security czar to combat uninformed media FUD – March 09, 2006
Spate of recent Mac security stories signal that Microsoft, others getting nervous – March 06, 2006
Mafiasoft: Microsoft to charge $50 per year for security service to protect Windows – February 07, 2006
Why pay Symantec for flawed ‘security’ app designed to protect Apple Macs from nonexistent threats? – December 27, 2005
‘Highly critical’ flaw in discovered in Symantec AntiVirus for Mac OS X – December 21, 2005
Computer columnist: anti-virus software purely optional for Apple Macs, not so for Windows – November 01, 2005
Why Symantec’s ‘scare tactics’ don’t worry Mac users – September 28, 2005
Motley Fool writer: ‘I’d be surprised if Symantec ever sells a single product to a Mac user again’ – March 24, 2005
Symantec cries wolf with misplaced Mac OS X ‘security’ warning – March 23, 2005
Symantec’s Mac OS X claims dismissed as nonsense, FUD – March 22, 2005
Hackers already targeting viruses for Microsoft’s Windows Vista – August 04, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005

22 Comments

  1. Of course the real question from some of us who have been “level-headed” all along is, What was with all the ridiculous hype in the first place?

    While I appreciate the part of the article shown by MDN, why is it only now that a Symantec voice is heard (aside from the next horrible “vulnerability”, one of the most misunderstood techno-terms running around today)? So the hoopla has died down, now a balanced, real-world perspective is given by an “inside” professional source that no one will really take notice of. Certainly not to the degree generated by the “bad press”.

    Heaven knows that if a computer could really be 100% virus free, and the manufacturer could get the general public to believe it, it could make an enormous difference in non-users converting to that “new” platform. But alas, now the damage has been done and the folks lighting the fires can come out and admit that it was really just logical and understandable precaution that was at work. And of course, lets please make sure that we understand that the tone of the article is not to advocate Mac OS X – Clearly we would not want that to happen, even accidently. (I wonder if Symantec researchers are careful to express that qualification when talking of Windows.)

    My reactions to this article are:
    – Too little too late
    – I was never more or less concerned than I should’ve been
    – This whole beating-the-small-computer-maker thing is getting very very old. And obvious.
    – Taking Windows away from Windows users is like pulling a syringe out of a druggies arm. (Ok, that doesn’t have anything to do with the article.)

  2. The most annoying piece of software I’ve ever had on my Mac was Norton Antivirus. The IT department forced it on me before they’d let me on the network. It took forever to dig all those files out and delete them… All I can say is, I’m glad I don’t actually need crap like that.

  3. Why should I fall for this cr@p? Buy their koolaid “just in case”? Screw that. I will never buy Symantec or McAfee software. Feed the bear and all you do is pull away a stump.

    Fall – As in fall of the mac bandwagon and you deserver them raping your wallets.

  4. “.just because there are no file-infecting viruses that can affect Mac OS X now, that doesn’t mean there won’t be a really nasty one released in the next five minutes.

    FUD.

    A really nasty Earth-destroying asteroid might be discovered in the next five minutes too. Is that a reason to live in fear?

    Symantec should sell astroid impact insurance just in case.

  5. Since antivirus programs only protect against known viruses, as some people pointed out earlier, what do Mac antivirus programs do?

    And as a side note: I have a PC with Avast antivirus (which is free for home users), and I have never gotten a virus on this computer, which I’ve owned for three years.

  6. When Apple starts to run anti-virus software on their own in-house computers or they officially advise in the use of such software, then I will, too.

    …but, I don’t ever see that happening. If some nasty does show, Apple will deal with it like they always have, quickly put out a software update.

    Anti-virus software is for lazy-assed and incompetent companies that are unwilling or unable to repair the flaws inherent in their own software.

  7. As the author of the article, I’d just like to respond generally to some of the comments here with a few simple bullet points:

    * This isn’t a PR piece. It comes out of our Security Response organization, not marketing or public relations.
    * I volunteered to write it and the continuing series that will follow on Mac OS and security. It’s not a part of my job responsibility.
    * Other than general legal, journalistic and content rules and guidelines, Symantec has shied away from dictating content or subject matter to me.
    * My only agenda is to shine a light on Mac OS X and security issues in order to educate internal and external customers, the Mac OS X community in general and hopefully spread virally (pun intended) to “tech journalist.”
    * Although the articles I’m starting with relate to the Mac OS X market as a whole, my focus will move closer towards the very specialized small- medium- and large-sized Macintosh enterprise markets where endpoint security is not optional.
    * Most of the points raised in the comments above (good, bad and indifferent) have already been responded to with follow on articles that I started writing weeks ago, and have helped me plan future articles. Keep the comments coming!
    * I would encourage anyone and everyone who has a positive, negative, constructive or general comment to email the feedback address set aside for the blog: securityresponseblogs@symantec.com

    Thank you!

  8. It was a decent article except for the last two paragraphs, which assume that running av software provides protection against future threats. It doesn’t, so the analogy does not apply.

    If a nasty OS X virus were to be released, downloading the lastest av software and the latest definition files would hardly take longer than just downloading the definition file. Until that becomes necessary, it’s better to keep your Mac busy doing productive work than scanning every file on your drive.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.