Do Macs and Linux get Viruses and Malware?

I often get asked: do Macs get viruses like Windows?

Well, the short answer is NO, they do not. Apple themselves say: “Mac OS X doesn’t get PC viruses. And its built-in defenses help keep you safe from other malware without the hassle of constant alerts and sweeps.”
Notice they say “PC viruses”. Let me put it this way: Macs do not get viruses that infect Windows computers.

Because Windows machines make up the majority of the computers on the internet, they are more susceptible to viruses and malware. Macs hold only 10% of the computing market, so they are a smaller target and less susceptible to threats.

Think about this: in order for a virus to be effective, it has to be viral; it has to spread from machine to machine.
Imagine a cold or flu: if only one person had a cold in your town, how would the cold spread? It wouldn’t.
On Windows, with its exploits, it’s easy for a virus to become viral, again because there are more Windows computers out there on the internet than there are Apple and Linux computers.

Another reason is the way the operating system is built. The core of Windows, which is still based on the old Windows NT framework, has lots of flaws that are exploited. Viruses will write themselves to the root of the operating system or to its system32 directory. Most of the time, every install of Windows sets the user up with full administrative control, so when you accidentally run a malicious program, it installs what it needs to without question, wherever it needs to, and has full admin rights to do so. This is also known as running as root.

The Mac, however, is a form of BSD Unix, a bigger brother to Linux. On almost all Unix/Linux systems, no one runs as root. You operate the computer as a regular user and only elevate yourself when something needs elevated privileges; when that happens, you will be prompted to enter your password. What’s interesting to know about BSD and Linux is that the core is open source. This means that you can basically download the source to BSD, compile your own operating system, and use it for free. This is essentially what Apple did. They took Darwin Unix, a BSD derivative, made it their own, and sold it.

Now you would think that with it being “open source”, many virus writers would see what was there and be able to write code to specifically exploit the operating system, but it’s actually the opposite. People who try to protect machines from viruses and malware can contribute to making it more secure, whereas at Microsoft, the core is only seen by their small group of people, so it’s harder for them to come up with ideas on how to prevent the malicious things out there on the net.

Another thing that makes Windows a lot less secure than the Mac is Internet Explorer and its use of ActiveX. ActiveX basically embeds an application inside the web browser and executes it as the system user, so you can actually go to a site that has a malicious ActiveX control embedded in it and instantly get infected. On Mac and Linux systems, this doesn’t exist.

The core of the Mac is a lot more secure than the core of Windows. This is debatable but true.

The 64-bit applications in Snow Leopard are even more secure from hackers and malware than the 32-bit versions. That’s because 64-bit applications can use more advanced security techniques to fend off malicious code. Yes, you can get Microsoft Windows in 64-bit, but remember we are still facing core issues.

Also, with virtually no effort on your part, Mac OS X offers a multi-layered system of defenses against viruses and other malicious applications, or malware. For example, it prevents hackers from harming your programs through a technique called “sandboxing” — restricting what actions programs can perform on your Mac, what files they can access, and what other programs they can launch. Other automatic security features include Library Randomization, which prevents malicious commands from finding their targets, and Execute Disable, which protects the memory in your Mac from attacks.
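The effect of Library Randomization can be observed directly. The following is an added example, not part of the original post: it starts several fresh processes and records where the C library's `printf` function was loaded in each one. The function names are illustrative, and it assumes a Linux system with Python 3.7 or later.

```python
import subprocess
import sys

# Code run in each fresh child process: load the process's own C library
# and print the memory address at which printf ended up.
CHILD = (
    "import ctypes;"
    "libc = ctypes.CDLL(None);"
    "print(ctypes.cast(libc.printf, ctypes.c_void_p).value)"
)


def sample_addresses(runs=5):
    """Launch `runs` new processes and return printf's address in each."""
    addrs = []
    for _ in range(runs):
        out = subprocess.run(
            [sys.executable, "-c", CHILD],
            capture_output=True, text=True, check=True,
        )
        addrs.append(int(out.stdout.strip()))
    return addrs


def looks_randomized(addrs):
    """True when at least two launches loaded the function at different addresses."""
    return len(set(addrs)) > 1


if __name__ == "__main__":
    addrs = sample_addresses()
    for a in addrs:
        print(hex(a))
    if looks_randomized(addrs):
        print("Library addresses change between launches: randomization is active.")
    else:
        print("Same address every launch: randomization is off or applied per boot.")
```

With randomization active, code that relies on a hard-coded library address fails because the address is different on every launch. On macOS the shared system libraries are placed once per boot rather than per process, so consecutive launches report the same address there until the machine restarts.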

So really it boils down to this: virus and malware writers do not want to waste their time writing for the Mac and Linux because, for one, the user base is limited, and for another, it’s harder to write for, since the Mac uses randomization and there is no easily exploitable ActiveX and Internet Explorer on these systems.

Some tips to help you avoid getting viruses and malware.

  • Download files only from known and trusted websites.
  • On the Mac, use FileVault to encrypt your most important documents.
  • Control access to your Mac by locking your screen after a period of inactivity.
  • Securely delete outdated sensitive files with the Secure Empty Trash command.
  • Don’t do anything stupid.

See the image below? It clearly states that it’s a Possible Phishing Site and gives you the option to leave!

Microsoft Security Bulletin MS08-067 – Critical

Vulnerability in Server Service Could Allow Remote Code Execution (958644)

This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter.

This security update is rated Critical for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and rated Important for all supported editions of Windows Vista and Windows Server 2008. For more information, see the subsection, Affected and Non-Affected Software, in this section.

The security update addresses the vulnerability by correcting the way that the Server service handles RPC requests. For more information about the vulnerability, see the Frequently Asked Questions (FAQ) subsection for the specific vulnerability entry under the next section, Vulnerability Information.

Recommendation. Microsoft recommends that customers apply the update immediately.

Click here to find your operating system and download the appropriate patch.