Leopard + Safari + iPhone to Divert Malware Away from Windows Vista

Security company Symantec has joined Russian developer Kaspersky in predicting that Mac OS X 10.5 Leopard will move to the center stage of the threat environment. According to Marc Fossi, Symantec Security Response Engineer, Apple is currently enjoying a climate of obscurity due to its small share on the operating system market. At the same time, Windows is taking in all the heavy fire, while Mac OS X is perceived as a secure from default platform. Still this scenario could change following June 29. At the end of this month, Apple will provide a unique fertile soil for attacks with Mac OS X, Safari and iPhone interconnected.

"On June 29th, these two platforms will converge when Apple's iPhone is released in the US. The release will potentially make writing malicious code for both an Apple product and a mobile device irresistible to some attackers. The iPhone will represent a robust mobile device platform based on OS X that allows users to send and receive HTML email and surf the Net with the Safari Web browser. Projections made by various analysts suggest that iPhone adoption will be quite high. This allows attackers to target a larger audience with malicious code designed to run on the devices," Fossi stated.

And just as Safari was welcomed to Windows Vista and Windows XP with a barrage of vulnerabilities it is safe to assume that the iPhone will suffer from a similar faith. By connecting the dots between the Mac OS X operating system and its mobile phone platform, via the Safari browser, Apple has potentially unlocked the door for attacks. In this sense, could Leopard, Safari and the iPhone divert malware away from Windows Vista?

"The Safari browser and HTML email capabilities of the device could present an ideal attack vector. As recently demonstrated, Safari can be affected by vulnerabilities just as easily as other browsers on the market. While Apple may patch these holes on both the desktop and mobile platforms, the question is will users who have to pay for data transfers be willing to download large security updates on a regular basis?" Fossi asked.