The conventional wisdom -- or at least the public perception -- is that Macs are more secure than Windows computers. For years, security researchers have said that this is chiefly because Apple's modest market share makes its systems a less attractive target than Windows.
But as Apple's market share grows -- recent research shows Apple ranked as the No. 3 computer seller -- Macs will become more of a target. And with Apple's transition to Intel processors and the ability to run both Mac and Windows operating systems, I.T. departments are showing increased willingness to allow Macs into the enterprise.
This week, researchers warned that the latest version of Apple's operating system, codenamed Leopard, has several major security holes that users and system administrators should be aware of. The British firm Heise Security posted a note online complaining that Leopard's firewall is not turned on by default and that it continues to allow certain traffic even when the firewall is set to block all incoming traffic.
The failure to turn the firewall on by default is probably the most troubling aspect, Andrew Storms, director of security operations for nCircle, said in an e-mail. "While Windows has typically been thought to be less secure than OS X, Windows at least by default now arrives with the firewall enabled."
Exploiting Old Open-Source Apps
Another complaint is that Leopard uses versions of open-source software that have significant bugs, including security vulnerabilities. More recent versions of that software, such as OpenSSH, OpenSSL, Apache, Samba, and CUPS, fix these bugs. "While not all bug fixes are security related, it does mean that a researcher can use the free and open development history of any one of these packages to find bugs for packages in OS X," explained Storms.
The benefit to Apple in using open-source software is that the open-source communities are "typically very fast" in fixing security vulnerabilities, Storms noted. Apple gets the benefit of the work of the various software communities, but Cupertino's own quality assurance processes mean it can take "a while -- sometimes weeks if not months" before the bug fixes are released to Apple customers, he added.