Sophos’ annual mid-year Security Threat Report claimed that malware distributors are eagerly poking at the security barriers of Windows and OS X 10.6 “Snow Leopard” in search of weaknesses to exploit, with the implicit message that it’s just a matter of time before they succeed.
The fake antivirus scam has been particularly effective in propagating malware on Windows XP systems, and Sophos says attackers are now actively trying to get it to work on Windows 7 machines.
Sophos damns Apple with faint praise for coming up with “rudimentary anti-malware protection” in OS X 10.6. However, Sophos adds that Mac users need to keep the OS fully patched due to a rising tide of malware, including the backdoor Trojan Apple patched in June that could have allowed remote attackers to gain control over users’ machines.
Mac users cannot afford to depend on their operating system’s reputation for safety. Anyone can be tricked by subtle scams, and running quality, up-to-date anti-malware software is by far the safest option, the report said.
Strangely Sophos doesn’t slam Apple for trying to hide the June malware flaw. It was at the forefront of complaining when Jobs’ Mob did its usual “there is no problem because we say so” fix to the situation.