And the Company With the Most Security Vulnerabilities is . . . Apple?

Security vulnerability

Prior to the Flashback malware fiasco, Apple’s platforms had a reputation for being secure. That reputation might not have been deserved, if a report from the first quarter of 2012 is to be believed. That report, which predated the discovery of the Flashback trojan, took a look at the number of vulnerabilities that major tech vendors reported. The numbers might surprise you.

The report comes from Trend-Micro, a computer security company. A healthy bit of skepticism is probably good when reviewing reports of rampant vulnerabilities from companies that sell products to contain the fallout from those vulnerabilities. Here, though, the numbers are based on vulnerabilities as cataloged by CVE, which describes itself as “a dictionary of publicly known information security vulnerabilities and exposures.” The numbers, therefore, are only as good as the data from CVE. According to Wikipedia, CVE is maintained by MITRE Corporation, “with funding from the National Cyber Security Division of the United States Department of Homeland Security.”

It’s also import to remember that we’re not exactly comparing apples to apples. A vendor with one main product or a very simple product, for example, stands a good chance of experiencing a lower number of vulnerabilities than a vendor with many products or complex products.

Apple took top (or worst) billing, with 91 reported vulnerabilities. Oracle, Google, and Microsoft followed, with 78, 73, and 43 vulnerabilities, respectively. Apache got top marks with 24 vulnerabilities.

Keep in mind one important factor, though: number of vulnerabilities does not equal number of attacks. The Trend Micro report specifically calls out Android, identifying approximately 5000 malicious Android apps in the quarter.

It’s a scary world out there. Do you feel safe on your devices?

TrendLabs Quarterly Security Roundup [via Cult of Mac]

Evan Kline

Hello, I'm Evan. I write about tech from my perspective – that of the average 40-something tech geek. You can also find me on Twitter and at my real-life job as a lawyer.    MORE ABOUT ME.

6 Comments:

  1. I still feel comfortable in my Apple bubble :-)

  2. I think the myth of Apple products being invulnerable to viruses stems from them being less widely used until recently, both private and in the corporate world, compared to PCs. A virus attack on Microsoft/Windows affected far more users, so that’s where people creating viruses focused on. I think now that the balance is shifting, we will hear more about Apple products being affected by viruses, so if Apple have been complacent they may need to up their game.

  3. I agree with you . But I still like the way the products of apple works .. specially my mac book air .it is quite a good laptop i’d say ..

  4. I was pretty surprised to read about this. I’m a PC guy, but I know all of my “Mac friends” have always preached the fact that the Mac is invulnerable to security breaches.

    With popularity comes vulnerability, so I think this a trend with Mac that will only increase over time.

  5. I agree with Nina’s post in that the myth of Apple safety was largely based on how little the products were used until very recently. I will say this however, as a recent Mac convert, (Microsoft for 15+ years) I have had no problems with any malicious software or virus discoveries. I think one thing that apple is doing to combat malicious software is the Appstore. Unfortunately from my experience, the Appstore is lacking in content and a great number of utilities that I need as a fairly heavy computer user. Does anyone else have a similar experience to me? Thanks for the insight!

Leave a Reply