While it’s not universally the case, many businesses actively using Macs for work may not be paying enough attention to ensuring those devices are secured, according to cloud security provider Qualys, which estimates that just over half of Macs remain unprotected by recent security patches.
Don’t be a victim-in-waiting
The data doesn’t just reflect business use of Macs but also underscores why Apple’s work in security matters so much. The company must know that a good chunk of its users aren’t installing security patches, and this really, really needs to change.
The data is revealing. Take two vulnerability-related patches, both shipped for Macs, iPhones, iPads, and other Apple products in July:
CVE-2023-38606: Qualys estimates this has been patched by 36.92% of devices, leaving around 63% unpatched.
CVE-2023-37450: It is patched by 52.58% of devices, leaving around half still exposed.
The first thing, then, if you are reading this: take a quick break and check to ensure all your Macs, your company’s Macs and your friends’ and parents’ Macs have been updated with the latest security protections.
As the data suggests, there’s an uncomfortable probability they may not have done so yet — and some of the attacks out there are extraordinarily dangerous.
I shared a few words with Eran Livne, Sr. Director of Product Management at Qualys, to gather a little background on these claims.
Why are these devices not being patched?
“Traditionally, compared to Windows end user devices, Macs were not allowed in many customer environments. For the ones that did allow these devices, Macs were considered safe(r). Consequently, IT and Security Operations (SecOps) teams invested less in Mac compared to Windows. As such, it was not a surprise that Mac was considered by many security and IT vendors not to be ‘top priority.’ This limited the number of Mac solutions and the quality of those solutions too.
“In recent years, the landscape has changed, and most organizations now do allow Macs in their environment — and more and more vulnerabilities are being discovered related to Macs. Since Mac devices were considered end user devices and there was limited support from IT/SecOps teams for Mac, the workflows and vulnerability management for Mac devices are not as advanced as other parts of the business. Patching on Mac was viewed as an end user responsibility, which limited its effectiveness.”
As every Appleholic reader knows, the enterprise landscape is changing very fast. Needless to say, Qualys does offer its own patch solution for Macs.
So, what should Mac users do?
The most obvious step any Mac user should take is to upgrade their systems.
Livne stressed that Mac users should always make sure that auto-update is enabled and should install macOS updates as they appear. Mac users should also make certain they keep all their apps updated, as apps can be routes for vulnerability and attack, too. This is also why you…
2023-10-04 17:00:04
Link from www.computerworld.com