Tech Tips: Keeping your Apple Computer Free From Security Threats

Doug Hayman, DO-IT staff

Until recently, many Apple computer users felt no need to worry about malware or virus attacks on their computers. As the operating system has gained in popularity, so has the interest in attacking it. Just as it is important to keep up with the various updates on a Microsoft Windows computer, it is important to do so with Apple's OS X operating system.

Users should install all of the critical updates by clicking on the System Preferences icon in the dock (or going to the Apple Menu and selecting System Preferences), choosing Software Update and installing those that are available. The system can be set up to do this automatically or manually. It is best to leave this in the automatic mode.

Additionally, some common applications that should be updated on a regular basis are Adobe Acrobat, Adobe Flash Player, web browsers other than the built-in Safari (such as Firefox, Opera, or Google Chrome), and productivity software such as Microsoft Office.

The Flashback malware that recently affected thousands of Apple systems is said to be due to the delay between the time Oracle updates Java and the time Apple updates its own copy within the operating system; Apple does not give end users or Oracle direct access to that process. This has left many users of OS X running third-party workaround patches until Apple releases an official update.

Essentially, the two main threats to Mac OS X are an attacker getting someone to install something they shouldn't, and privilege escalation attacks.

The former is largely a social engineering issue, but it is made worse by how easy it is to set up a single account that is an admin and put little to no security on it. Most people are not very security conscious and will enter the name and password any time an installer requests it. Setting up a secondary account without admin access does help with this, but you still need to think about security and about whether you really need to install something, especially from an untrusted source.

The latter is where someone gains access to the machine via a non-admin account (it might be a system account running a service you've enabled, or it could be a secondary account with a not very secure password). Once an attacker has access to the machine, there are a number of Unix-based exploits that can be tried to escalate the privileges of the account until they have admin and/or root access.

There is no replacement for being security minded. Choosing good passwords, running in a non-admin capacity, and being cautious about when you enter your admin account information go a very long way toward keeping your computer safe.