Kaspersky denies it's working with Apple on Mac security

Kaspersky Lab has denied a report that said Apple asked the security vendor to help it improve security in Mac OS X, which is becoming a more desirable target for malware-distributing cyber criminals.

The U.K. tech site Computing reported Monday that Kaspersky Chief Technology Officer Nikolai Grebennikov said in an interview that the company was doing a security analysis for Apple.

"Mac OS is really vulnerable," he was quoted as saying, "and Apple recently invited us to improve its security. We've begun an analysis of its vulnerabilities, and the malware targeting it."

[See also: Will Flashback hurt Macs in the enterprise?]

However, Kaspersky says Grebinnikov was misquoted. The CTO issued a statement saying that the company is conducting an "in-depth analysis of Mac OS X vulnerabilities and new forms of malware" to share with its customers, but not at the request of Apple.

"This security analysis of Mac OS X was conducted independently of Apple; however, Apple is open to collaborating with us regarding new Mac OS X vulnerabilities and malware that we identify during our analysis," Grebinnikov said.

The Russian security vendor's latest Mac OS X project reflects the operating systems' increasing use in business. Apple's resurgence with the popularity of the iPhone and iPad has had a halo effect in which an increasing number of execs and employees are buying Mac laptops and using them for work. This has put pressure on IT staff to secure the devices.

So far, Apple has gotten low marks from security experts. The company has been criticized for being slow in patching vulnerabilities and for refusing to work more closely with security vendors to identify and fix flaws. In April, Kaspersky co-founder and chief executive Eugene Kaspersky told Computer Business Review magazine that Apple was "10 years behind Microsoft in terms of security."

Apple's failings contributed to the infection this year of 600,000 Macs with the Flashback Trojan, which took advantage of vulnerabilities in the Java plug-in for Web browsers. Oracle, which manages Java, issued a patch in February, but Apple didn't release it to Mac users until April, giving cyber-criminals lots of time to tailor their malware.

The misstep is not expected to hurt the use of the Mac in the enterprise, since companies unlikely ever perceived the Mac as more secure than other computers, experts said. However, if Apple doesn't show progress in security, then companies could reconsider use of the iPhone and iPad.

Read more about application security in CSOonline's Application Security section.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

More about AppleApple.KasperskyKasperskyMacsMicrosoftOracleTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by Antone Gonsalves

Latest Videos

More videos

Blog Posts