You Must Check Any Macs On Your Network For Security Flaws – Chuck Leaver

Written By Roark Pollock And Presented By Chuck Leaver

 

Got Macs? Great. I have one too. Are your’s locked down? If you haven’t, your enterprise has a potentially major security weak point.

It’s a fallacy to believe that Macintosh computer systems are naturally protected and don’t have to be secured against hacking or malware. People think Macs are certainly perhaps more secure than Windows desktops and laptops, due to the design of the Unix-oriented kernel. Certainly, we see less security patches issued for macOS from Apple, compared to security patches for Windows from Microsoft.

Fewer security problems is not zero flaws. And more secure does not imply 100% safe.

Some Mac Vulnerability Examples

Take, for example, the macOS 10.13.3 upgrade, issued on January 23, 2018, for the present variations of the Mac’s operating system. Like the majority of present computer systems running Intel processors, the Mac was susceptible to the Meltdown defect, which meant that malicious applications might be able to read kernel memory.

Apple had to patch this defect – as well as many others.

For example, another problem could permit destructive audio files to carry out arbitrary code, which might break the system’s security stability. Apple needed to patch it.

A kernel defect suggested that a destructive application might be able to execute random code with kernel opportunities, giving bad guys access to anything on the device. Apple needed to patch the kernel.

A defect in the WebKit library indicated that processing maliciously crafted web material might result in arbitrary code execution. Apple needed to patch WebKit.

Another defect implied that processing a malicious text message might cause application denial of service, locking up the system. Whoops. Apple needed to patch that flaw as well.

Don’t Make The Very Same Mistakes as Customers

Lots of consumers, believing all the talk about how terrific macOS is, opt to run without security, trusting the macOS and its built-in application firewall software to obstruct all manner of bad code. Bad news: There’s no integrated anti-virus or anti-malware, and the firewall software can only do so much. And lots of businesses wish to neglect macOS when it concerns visibility for posture tracking and hardening, and risk detection/ risk hunting.

Consumers frequently make these assumptions because they don’t know any better. IT and Security experts should never ever make the same mistakes – we should know better.

If a Mac user installs bad software, or adds a destructive internet browser extension, or opens a bad email attachment, or clicks on a phishing link or a nasty ad, their device is corrupted – similar to a Windows computer. But within the business, we need to be prepared to deal with these concerns, even with Mac computers.

What To Do?

What do you have to do?

– Set up anti-virus and anti-malware on corporate Mac computers – or any Mac that has access to your company’s content, servers, or networks.
– Track the state of Mac computers, similar to you would with Windows machines.
– Be proactive in using fixes and patches to Mac computers, once again, just like with Windows.

You need to likewise get rid of Mac computers from your corporate environment which are too old to run the most recent version of macOS. That’s a great deal of them, since Apple is pretty good at keeping hardware that is older. Here is Apple’s list of Mac designs that can run macOS 10.13:

– MacBook (Late 2009 or more recent).
– MacBook Pro (Mid 2010 or newer).
– MacBook Air (Late 2010 or newer).
– Mac mini (Mid 2010 or more recent).
– iMac (Late 2009 or more recent).
– Mac Pro (Mid 2010 or more recent).

When the next version of macOS comes out, some of your older computers might drop off the list. They need to fall off your stock too.

Ziften’s Viewpoint.

At Ziften, with our Zenith security platform, we work hard to preserve visibility and security feature parity between Windows systems, macOS systems, and Linux-based systems.

In fact, we’ve partnered with Microsoft to incorporate our Zenith security platform with Microsoft Windows Defender Advanced Threat Protection (ATP) for macOS and Linux monitoring and hazard detection and response coverage. The combination enables customers to identify, see, examine, and react to advanced cyber-attacks on macOS devices (as well as Windows and Linux-based endpoints) directly within the Microsoft WDATP Management Console.

From our point of view, it has actually constantly been essential to offer your security groups confidence that every desktop/ laptop endpoint is safeguarded – and therefore, the enterprise is protected.

It can be hard to believe, 91% of enterprises say they have some Mac computers. If those Macs aren’t protected, as well as appropriately integrated into your endpoint security systems, the enterprise is not protected. It’s just that simple.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>