14 DAY TRIAL // Believe it or not, the biggest threat to Mac OS X security is Windows. Apple's operating systems are by no means impenetrable or fool proof; however, Mac OS X is considered, along with Linux, an apex of security as far as platforms are concerned, and in comparison with Windows. Still, no matter how secure an operating system is, flaws residing in applications installed on top of the platform can be used as attack vectors to take down the platform.
The QuickTinme critical vulnerability allowed a security researcher to compromise a MacBook Pro at the recent CanSecWest security conference in Vancouver. But bringing Windows XP and Windows Vista to the native Mac environment could replicate this scenario. At least in the perspective of Chad McDonald, CISSP, CISA, the Chief Information Security Officer at Georgia College & State University, citing a group of computer support technicians.
"We all know that there are scores of vulnerabilities and exploits targeting Windows itself. Well, what happens when we introduce Windows into the OS X environment? Boot Camp and Parallels both allow Windows to have access to some portions of the OS X data on our drives. That access, in the case of Boot Camp is pre-boot, meaning that all of the security features built into OS X are bypassed. I would imagine that it will be only a matter of time before a clever bad guy engineers an exploit for this particular weakness," McDonald commented.
Security experts have repeatedly warned that as the operating systems become increasingly more secure and more difficult to break into and to exploit, the threat environment will shift to the applications that run on top of the platforms. As programs are generated by third-party sources, security standards do not match the levels imposed by Apple or Microsoft, for example with Mac OS X and Windows Vista.
Apple, on its official web page for Boot Camp public beta build 1.2, has published a word to the wise: "Windows running on a Mac is like Windows running on a PC. That means it'll be subject to the same attacks that plague the Windows world. So be sure to keep it updated with the latest Microsoft Windows security fixes."