I still regularly encounter the perception that Apple computers are inherently more secure than Windows PCs. From a purely statistical standpoint Apples are hacked less than Windows PCs, but that’s largely because there are less OS X computers in the world compared to Windows PCs. From a purely mercenary standpoint, hackers are going to go where the money is, so it stands to reason that Apple computers will be targeted less, but iPhones still comprise the majority of mobile devices in use around the world. Fanboys on both sides will argue for the superior security architecture of their ride-or-die OS, but the fact remains that all operating systems are written by humans (for now!) and we all know humans make mistakes from time to time. Normally we focus on Windows security because they constitute the majority of our clientele, but Apple gets the spotlight this week for a zero-day vulnerability that is being actively exploited, and when Apple attempted to patch the flaws, they broke Safari’s access to certain websites.
What this means for you
Unfortunately for everyone, the flaw is something that definitely needs to be addressed quickly as security researchers have found websites in the wild that have been built specifically to exploit the weakness. Affected devices may be tricked into what’s known as “arbitrary code execution” meaning the attackers can fool your device (both computers and iOS mobile devices) into running malware which can then lead to your device being completely compromised. To their credit, Apple acted quickly by issuing security fixes through their Rapid Security Response (RSR) updates which (if your device is configured to install them) supposedly addressed the vulnerability, but once the RSRs were applied it broke Safari’s access to websites like Zoom, Facebook and Instagram. Apple has since pulled back the RSRs due to the cure being worse than the disease and are probably working on an updated RSR that won’t break the internet. In case you were wondering, Apple has had to patch 10 zero-day vulnerabilities so far in 2023. To be fair, this is way less than what has had to be patched on the Windows side. Heck, the latest Microsoft update addresses 6 critical flaws this week! Both platforms are far from perfect when it comes to security. Don’t let the numbers lull you into a false sense of security – Mac users, just like PC users, should have proper malware protection and backups in place. As they stay in the stock market, “Past performance is no guarantee of future results.”
Image by Bruno /Germany from Pixabay