On Fri, May 1, 2009 at 3:15 PM, Mayo, Bill <[email protected]> wrote: > It's splitting hairs, but a Word macro virus is not a "Mac virus".
Splitting hairs, indeed. It's a virus, and it's active on a Mac computer. Regardless of the mechanics of the infection, it's still malware propagation, and that's what matters. Macro vs native code is irrelevant. The fact remains that one cannot ignore malware on the Mac platform, anymore than one can ignore the need for backups or UPSes or any number of other things that one needs to maintain one's IT solution. Arguing that it's a macro virus and thus doesn't count, or that it's a trojan and not a virus and thus doesn't count, is far more disingenuous than suggesting the Windows and Mac threat environments are equivalent. You're trying to suggest the problem isn't a problem. That's totally bogus, and dangerous for anyone who believes you, as various anecdotes in this thread have demonstrated. > However, with a little bit of common sense, you can pretty much use a > Mac and not have to worry about it. Of course, the same applies to 'doze. Don't run as admin. Keep patches up to date. Don't install software you don't trust. Maintain an up-to-date "anti-virus" product -- and since you're apparently hung up on semantics, be aware that "anti-virus" products defend against all sorts of malware, not just "viruses". It's a sad fact that most 'doze computers aren't run this way. However, I'm not aware of anything that means Macs *must* be kept patched, or that one *cannot* install untrustworthy software. Certainly, there are more individual malware programs out there targeting 'doze than Mac, by far. That's largely a result of market share. Attackers go after the platform that offers the most targets. Most malware these days propagates largely through exploitation of user stupidity, and there's no platform that can defend against that. One could argue that Mac OS X is more typically operated with a better overall security stance, since most 'doze users still run with admin rights all the time, and a lot of software (including Microsoft's!) expects admin rights, while Mac OS X has been using enforcing a better privilege model from day one. However, I honestly don't see that as making much of a difference. Again, the biggest propagation vector is user stupidity. If the user can be counted on to dutifully enter their password when prompted to install the malware -- and most can -- there's not really much *any* platform can do about it. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
