Microsoft’s Windows is inherently more vulnerable to severe malware than Apple’s Mac OS X

“On August 13 at 3:04 AM, a Windows server that I’ve been running for all of two weeks–it just replaced an Xserve G5–was attacked by a new strain of malware,” Tom Yager writes for InfoWorld.

“The attack I encountered occasioned a re-examination of a common question: Is Windows more vulnerable to malware than OS X? I’ve encountered no clearer or more definitive proof point than this attack,” Yager writes.

“I’ve been giving it great deal of thought, and I came up with a reasons pointing to the likelihood that Windows is at greater risk of catastrophic attacks. It’s not easy reading, but it was either this dense packing or a book-length blog post,” Yager writes.

In his full article, Yager gives two extensive bullet point lists that explain why Microsoft’s Windows is inherently more vulnerable to severe malware than Apple’s Mac OS X. One example: “Access to the massive, arcane, nearly unstructured, non-human-readable Windows Registry, which was to be obsolete by now, remains the only resource a Windows attacker needs to analyze and control a Windows system.”

After his bullet point lists, Yager asks, “So, after all this, do I have enough to judge Windows inherently more vulnerable to severe malware than OS X? I do.”

Yager reports, “I’ve been writing about these shortcomings for years, and it always traces back to Microsoft’s untenable policy of maintaining gaps in Windows security to avoid competing with 3rd party vendors and certified partners. Apple’s taking a different approach: What users need is in the box: Anti-virus, anti-spam, encryption, image backup and restore, offsite safe storage through .Mac, and launchd. Pretty soon any debate with Microsoft over security can be ended in one round when Apple stands up, says ‘launchd,’ and sits back down.”

Full article here.

[Thanks to MacDailyNews Reader “Kevin” for the heads up.]

MacDailyNews Note: The Registry remains in Microsoft’s forever upcoming Windows Vista. Obviously, as we all know, but some still try to propagate, ignorantly or otherwise: “Security via Obscurity” is a myth, as anyone who reads Yager’s article will be able to easily understand. One question stands out: knowing what he knows, why the hell did Yager choose to replace his Apple Xserve G5 with a Windows server? Is he a masochist or was it just a test?

Related MacDailyNews articles:
Chicago Tribune falls for the ‘Security Via Obscurity’ myth – August 14, 2006
Oxymoron: Microsoft security – August 12, 2006
Mossberg: Jump through hoops trying to secure Windows or just get a Mac – July 27, 2006
USA Today writer tries some Mac security FUD on for size – July 13, 2006
Sophos: Apple Mac OS X’s security record unscathed; Windows Vista malware just a matter of time – July 07, 2006
Gartner analyst tries to propagate discounted Mac OS X ‘security via obscurity’ myth via BBC – July 06, 2006
Sophos Security: Dump Windows, Get a Mac – July 05, 2006
Network World: Apple’s Mac OS X is significantly more secure than Windows – May 01, 2006
Spate of recent Mac security stories signal that Microsoft, others getting nervous – March 06, 2006
Apple Macs are inherently safer and more secure than Microsoft Windows – November 22, 2005
Security IT Hub: Apple’s Mac OS X ‘has made security a non-issue for users’ – November 21, 2005
Computer columnist: anti-virus software purely optional for Apple Macs, not so for Windows – November 01, 2005
Microsoft apologists and why Apple’s Mac OS X has zero viruses – October 24, 2005
Windows to Mac switchers: recommendations and Total Cost of Ownership analysis – September 29, 2005
$500 bounty offered for proof of first Apple Mac OS X virus – September 27, 2005
Hackers already targeting viruses for Microsoft’s Windows Vista – August 04, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
ZDNet: How many Mac OS X users affected by the last 100 viruses? None, zero, not one, not ever – August 18, 2005
Intel CEO Otellini: If you want security now, buy a Macintosh instead of a Wintel PC – May 25, 2005
NY Times: Apple’s Mac OS X Tiger is the most secure, stable and satisfying OS on earth – April 28, 2005
Apple touts Mac OS X security advantages over Windows – April 13, 2005
97,467 Microsoft Windows viruses vs. zero for Apple Mac’s OS X – April 05, 2005
Apple’s Mac OS X is virus-free – March 18, 2005
Cybersecurity advisor Clarke questions why anybody would buy from Microsoft – February 18, 2005
Security test: Windows XP system easily compromised while Apple’s Mac OS X stands safe and secure – November 30, 2004
Microsoft: The safest way to run Windows is on your Mac – October 08, 2004
Information Security Investigator says switch from Windows to Mac OS X for security – September 24, 2004
Columnist tries the ‘security through obscurity’ myth to defend Windows vs. Macs on virus front – October 1, 2003
New York Times: Mac OS X ‘much more secure than Windows XP’ – September 18, 2003
Fortune columnist: ‘get a Mac’ to thwart viruses; right answer for the wrong reasons – September 02, 2003
Shattering the Mac OS X ‘security through obscurity’ myth – August 28, 2003
Is Mac OS X really inherently more secure than Windows? – August 26, 2003
Virus and worm problems not just due to market share; Windows inherently insecure vs. Mac OS X – August 24, 2003

35 Comments

  1. The Windows Registry is a technical disaster. I didn’t like it when Microsoft first tried to ram it down developers throats back with Windows 95 and it’s only grown worse since. Even Microsoft admits its mistake by stating that .Net applications should use INI files over the registry.

    Whenever I run into a developer that prefers Windows over the Mac I ask them if they enjoy fighting with MSI Installers and the Registry. Only a masochist could say yes.

    Peace,
    Kevin

  2. Sometimes the vulnerabilities just sneak up on you.

    IE patch carries security bug

    There’s more trouble with Microsoft’s latest Internet Explorer patch: It introduces a serious new security flaw on some Windows systems.

    The vulnerability could let miscreants hijack a Windows PC running IE 6 with Service Pack 1 and the MS06-042 update installed, Microsoft said in a security advisory published on Tuesday. The flaw lies in the way IE handles long Web addresses and could be exploited by luring users to specially crafted Web sites, according to the advisory.
    “An attacker who successfully exploited this vulnerability could remotely take complete control of an affected system,” Microsoft said in its advisory. “We are not aware of attacks that try to use the reported vulnerability.”

  3. “I’ve been writing about these shortcomings for years, and it always traces back to Microsoft’s untenable policy of maintaining gaps in Windows security to avoid competing with 3rd party vendors and certified partners.”

    If you’ve been saying this for years, then why did you replace your xserve with a Windows server. You got what you deserved.

  4. I’m not sure how security by “obscurity” became OSX and not Windows. When the concept of “security by obscurity” appeared, it meant open source vs. proprietary code. Under their definition, Linux and FreeBSD by opening the source code to public, more programmers can examine and make more secure OS (OSX uses FreeBSD code and also open sourced OSX’s kernel in the past, so by same definition OSX is secure). Windows was “secure by obscurity” because source code for their OS is not available for everyone to examine.

    So, “security by obscurity” is not a myth, it is real. However, someone redefined or misinterpret the concept (MS marketing at work?)

  5. Funny article…

    And odd, because here I sit in Sofia, Bulgaria rather than my usual perch on the Upper West Side of Manhattan, forced to use my in-laws XP box. I won’t even mention the bizarre half-Cyrillic keyboard that likes to switch between English and Bulgarian at it’s whim.

    So, I’m stuck using Explorer, because they fear installing anything (using Firefox would be a good start) because something BAD might happen to their machine.

    As it is, I’m constantly peppered by evil sounding warnings about possible viruses, prompts to update virus definitions, prompts to install new virus software.

    I’m so used to the pleasant ease of using Safari, that it’s plain freaky and unnerving using this Windows thing. I can see why Windows users fear their computers.

    Can’t wait to get my PowerBook back and away from this “Wonderland of Windows”… it’s more like Alice’s Wonderland, mad queens, or rather, mad Windows and all…

  6. This fact is just unreal. Why do users defend this junk?

    “• SYSTEM is a pseudo-user (LocalSystem) that trumps Administrator (like UNIX’s root) in privileges. SYSTEM cannot be used to log in, but it also has no password, no login script, no shell and no environment, therefore
    • The activity of SYSTEM is next to impossible to control or log. “

    You want that running on your PC? NOT!

  7. Slow learners. Windows is a pane. Always will be.

    Send that article link to every IT bithead and MCSE you know. Then, send it to all of the ones you don’t know. Then, send it to every living, alleged tech writer and editor. Then, send it to sputnik just for a chuckle.

    This is GOLD:
    “• All Windows background processes/daemons are spawned from a single hyper-privileged process and referred to as services.
    • By default, Windows launches all services with SYSTEM-level privileges.
    • SYSTEM is a pseudo-user (LocalSystem) that trumps Administrator (like UNIX’s root) in privileges. SYSTEM cannot be used to log in, but it also has no password, no login script, no shell and no environment, therefore
    • The activity of SYSTEM is next to impossible to control or log.
    • Most of the code running on any Windows system at a given time is related to services, most or all of which run with SYSTEM privileges, therefore
    • Successful infection of running Windows software carries a good chance of access to SYSTEM privileges. . .”

    Spread the word. Better yet, send the message in an e-mail worm. (j/k)

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.