Date: Monday, May 14th, 2012, 10:08
Category: News, security, Software
It never hurts to ask for a helping hand.
Per computing.co.uk, Apple has invited Kaspersky Lab to consult on potential OS X security issues following the aftermath of the largest malware outbreak on the platform.
Kaspersky has begun analyzing the OS X platform at Apple’s request, the company’s chief technology officer, Nikolai Grebennikov, said in an interview with Computing. The Kaspersky executive has publicly called Apple out for not taking security seriously enough.
“Mac OS is really vulnerable, and Apple recently invited us to improve its security,” Grebennikov said. We’ve begun an analysis of its vulnerabilities, and the malware targeting it.”
As one specific security issue with OS X, he noted that Apple has blocked Oracle from directly updating Java on the Mac. Instead, Apple handles the updates, and they typically arrive months after Oracle issues its own patches.
Mac-centric Java development is set to move to Oracle following the latest runtime updates built in-house at Apple. Apple dropped Java from the default installation of OS X 10.7 Lion after the company announced its plans to deprecate the software’s release from the Mac platform.
In April, Oracle released its first Java Development Kit and JavaFX Software Development Kit for Mac users. They arrived one and a half years after Apple announced the depreciation of its own edition of Java for Mac.
Kaspersky’s newfound partnership with Apple comes on the heels of the Flashback malware botnet, which was believed to have infected hundreds of thousands of Macs at its peak. The presence of Flashback was greatly diminished after Apple released a series of software updates to squash the malware, including a Java update and a separate removal tool.
Grebennikov cited the Flashback malware as “a huge sign that Apple’s security model isn’t perfect.” He also predicted that the first malware targeting Apple’s iOS mobile operating system, which powers the iPhone and iPad, will arrive in the next “year or so.”
Stay tuned for additional details as they become available.