Snow Leopard, Patches Take Security Shine Off Apple
I’ll be the first to admit that I enjoy “Mac vs. PC” television commercials; they are pure entertainment genius. When I saw them pull in the strapping Patrick Warburton - aka Joe from Family Guy and Puddy from Seinfeld - I started roaring with laughter. Where John Hodgman is emblematic of the PC geek, the baritone Warburton is the perfect exemplification of the stodgy, buttoned-up corporation (think Mad Men as a PC). The Justin Long “Mac” and his cute consumer just make the choice to buy a Mac look fun and simple.
But this commercial is about not compromising when it comes to security, not fun and entertainment. In the spot, the consumer talks about wanting a machine that isn’t prone to “thousands of viruses” and all kinds of “problems.” I hear from Mac users all the time about the superiority of their platform in both functionality and performance. For a while it came across as a bit cult-like.
When Apple announced the coming of Snow Leopard (OS X 10.6), the new version of the Mac operating system, a near frenzy broke out as the Apple faithful clamored for pre-orders and waited with bated anticipation for the release date. Microsoft, which is now encouraging people to throw Windows 7 release parties, can’t buy that kind of enthusiasm. Mac users can afford their enthusiasm because they feel secure in their PC choice in terms of security, usability and reliability. But are recent security problems with Macs going to tarnish that image and consumer perceptions?
For the first time, Apple included anti-virus software in an operating system. Snow Leopard comes with an anti-virus engine. While anti-virus software for Mac has been available from Symantec, McAfee and others for years, it was often seen as unnecessary since there were so few pieces of malware targeting Macs in the wild. The inclusion of anti-virus protections in Snow Leopard has given some security pundits pause. As Mac’s market share numbers continue to climb, so will its risk profile.
Snow Leopard came with the added headache of decreasing the security protections for those using Adobe Flash. Turns out that Snow Leopard downgrades Flash to an older version that still has several security vulnerabilities that could allow for a remote takeover of the exposed computer - Mac or PC. And just yesterday, Apple released fixes for 15 security vulnerabilities in Java for Mac. These vulnerabilities could enable remote code execution via a malicious website.
That’s just a fancy way of saying that all those media-rich pages that Mac users love to hit could be used to compromise their machines. Does this mean that Mac with Snow Leopard is less secure than Windows Vista or XP? No, not at all. In fact, some security experts and commentators are saying that OS X 10.6 is still more secure than any version of Windows. But that’s not the point, since more secure doesn’t mean “absolutely secure.” Mac OS was never bulletproof. The consumer love affair with Mac and its cousin the iPhone is rapidly translating into greater corporate penetration of the Mac platform. Not only do Macs present an administrative headache for solution providers and IT administrators since they require separate management systems, they are far from being the security panacea that users would like to believe they are.

Comments (17)
Someone pointed out that the Java vulnerabilities I cited in the blog are not related to Snow Leopard. Those Java vulnerabilities are related to OS X 10.5, not 10.6 which is the newest version. I knew the difference but didn't make it clear in the post. My intent was to show how the Mac platform -- in general -- isn't as secure as some would have you believe.
Posted by Larry Walsh | September 4, 2009 9:53 AM
They should have also pointed out that those security vulnerabilities are in Java and not in OSX.
As a separate issue, I applaud Mac for putting antivirus into their OS. I used to be one who wondered why I would ever purchase antivirus software for a Mac until someone pointed out to me that it is being a good net citizen. If I receive a virus via iMail, I will not be affected by the virus. But if I forward it to a Windows user, they will. It is in the interest of the masses that measures be taken wherever possible to protect Windows users from themselves.
Yes I am an IT Director for a Microsoft Gold partner and I use a Mac as my primary platform both at work and at home.
Posted by Marty Hillman | September 4, 2009 2:33 PM
So, Steve Jobs & Co. decided that adding antivirus wasn't for the protection of Mac users, but rather to protect hapless and defenseless Windows users? OK, I'll buy that for a dollar.
All kidding aside, there are documented cases where Macs have been leveraged as staging points against Windows clients and servers. It will be interesting to see if the antivirus app included in the Snow Leopard release has any effect on that attack vector.
Posted by Larry Walsh | September 4, 2009 4:34 PM
This post makes the most obvious of points: once the value being "protected" by any system exceeds the cost to crack the protection...someone will crack it. The only thing that keeps Fort Knox safe is that--so far--no one can mount an attack to steal the gold for less money than the gold is worth.
This, in no way, validates Mr. Walsh's envious attitude toward Mac's better OS. I personally use Ubuntu Linux, support a passel of XP and Vista boxes, but I bought my son a Mac when he went away to college because I didn't want to hear from him about computer problems. And I haven't.
Posted by Patrick | September 4, 2009 5:12 PM
"In fact, some security experts and commentators are saying that OS X 10.6 is still more secure than any version of Windows."
Citation needed.
Posted by Robert | September 4, 2009 7:45 PM
It seems that Mr. Walsh & staff writers of other Channel newsletters just can't figure out how to comment on any Mac OS X issues without resorting to hyperbole. Are they all so desperate for any Apple misstep, so they can say "told you so"?
I sold PCs, servers & solutions based on MS OS for 25 years. I gave up & personally went "Mac" out of pure frustration with MS dependent products' mediocre performance. Now I'm selling Macs to a clientele that just "needs to get work done", and are tired of being PC hobbyists.
My customers & I have one number to call for OS AND hardware support. AV & other security solutions should have always been part of the OS; so what if Apple embedded AV in 10.6? My old iMac runs a bit faster, and the Flash update from Adobe installed just fine.
Apple is way out on a limb with their ads & I think they know it.
Posted by Gary | September 4, 2009 8:10 PM
I have been using Microsoft operating systems since the pre-Windows days of DOS, and have never had one single successful virus, worm, spyware, or trojan attack against any of my systems. All it took was current anti-virus software, an updated operating system, and a little common sense.
Apple are masters of marketing (smug) lies, misinformation, and exaggerations.
Posted by JohnJ | September 4, 2009 8:18 PM
@Gary. I wouldn't say that's what I was saying at all. I don't dispute the utility and functionality of the Mac platform. I will say that my preference is for Windows-based systems, but don't take that as a detraction from Macs. Aside from this discussion, I can recount numerous times where Mac enthusiasts berated me for being a Windows user and that I should just capitulate and become one of the cult. Truth is, I will. I plan on buying two new machines for my home office -- one Mac and one Linux. A little diversity never killed anyone. OK, all that aside, the point I was trying to make was that as Macs become more prevalent in enterprise and business environments, we're going to have to learn to deal with the issues that come with them. With a higher profile will come higher targeting by the digital bad guys. That's all I was really trying to say.
Posted by Larry Walsh | September 4, 2009 9:40 PM
You know, you Mac guys sound just like Fox News with your talking points. "It just works" and we want something that "needs to get work done" is what I hear from every Mac enthusiast I have ever met. You guys and gals should really learn to think on your own. By the way, as an IT Manager with 15 years of IT experience who has supported numerous types of network infrastructures and Operating systems (from Windows, Novell and Linux, and yes Mac OS on occasion) and worked for 5 different companies, IT Directors and CTO's are the most computer illiterate IT professionals I have ever met. No offense intended, Marty.
Posted by A Mirza | September 5, 2009 3:28 AM
Bulletproof? OK vaporware... The CIA can't even make something bulletproof. That's like looking for God to appear before the world to prove God is real...
Fact - MS products are easy targets because they are OLD, and allow hooks to make it easier on developers and users.
Fact - Apple had security issues in the 1980s/1990s. When they became less popular they became less of a target -- what fun is a joke if you are on a stage and you only tell ten people in an audience of hundreds.
Fact - Security is a marketing hole that will never get filled/permanently patched, unless the finger of God appears and smites all the MacNasties.
Fact - Truth is strange -- especially when it is merely an educated guess i.e. OPINION like people who write about SECURITY.
Snow Leopard works, it doesn't leave all its windows and doors open automatically, what good is a locked door if you left every WINDOW in the house OPEN. All upgrades have hiccups... BOO! there, you're over them.
Posted by Nopi Xies | September 5, 2009 10:08 AM
I take issue with the statement "Macs present an administrative headache for solution providers and IT administrators since they require separate management systems".
There are management solutions (logmein for example) that can be used to remotely manage both platforms. The problem is, there are not Windows-based management platforms that will deal with anything that is not Windows. In addition, in my 25 years of academic computing support I've consistently found that Mac users need far less support and therefore are much cheaper to support. That should be added into the ROI of any system.
Finally, some Windows devotees seem to think it's a bad thing to love your computing experience. Well, in fact, it's a great thing! It makes your work so much less of a chore that you actually get more work done. Don't bash the Mac "cult" because we've found a solution that not only works, but makes our work a joy.
Posted by Peter Jörgensen | September 5, 2009 10:09 AM
Peter: I have been using PC's for all of my adult life, and I have always gotten "my work done", and I have had excellent experiences (OK, Windows 98 and ME was really bad) with the PC. But I don't worship them. They are not God(s). They are over-priced toys. If they were really all that, they would have penetrated the Enterprise and over-taken the PC. I work for a Medical Device startup that runs 45 PC's and laptops running Vista and a few XP machines (and 1 Mac), and as y'all Mac users say, "it all just works" and I never hear from them unless they need something. Oh yeah, I forgot to mention, the 1 Engineer Mac user with their over-priced Mac book has to run boot camp to "get their work done".
Posted by A Mirza | September 5, 2009 10:44 AM
Good Article. I am debating Snow Leopard on a new Netbook. Some versions of Linux offer options but limited support for Exchange. Might even load Windows 7 on it since that has been a great OS on my laptop.
Posted by Keith Nelson | September 6, 2009 9:08 AM
A Mirza - It appears you manage 45 PC's. I single-handedly manage 500 PCs, 20 Macs, 35 Windows Servers and 7 Debian servers. All across 10 networks and multiple VLANs. I have been an MCSE since WinNT 4.0 days and have been in the industry for 20 years starting with LanTastic and Novell networks. Here are all of the initials that I am certified to put after my name - MCP, MCP+I, MCSE, GCIH, VSP, GAWN. Hopefully that helps you reconsider your statement that "IT Directors and CTO's are the most computer illiterate IT professionals I have ever met."
All operating systems have their issues. But the only time I have to mitigate issues with virus or spyware infections is when they are using Microsoft OSes. Even the most naive of users who have switched to Mac for whom I provide support have been free from all of these security issues. Yet every day, I run into a savvy Windows user who has fallen for the Antivirus 200x ploy or some other easily avoidable risk.
Users have to be protected from themselves. This is the primary purpose for ensuring that anti-virus is installed on every PC and server, proper virus, spam, spyware and phish filtering is on every mail server, and some form of IDS or IPS is functioning to head off risks before they are received by those who find it more simple to click on a message without reading it. That Apple has finally included such a mechanism - Kudos. But be aware that this is not a configurable app and apparently only seems to protect Safari. It is in no way a comprehensive tool.
As for issues with Java and Adobe, I still strongly feel that those are the responsibility of their respective manufacturers and not the responsibility of Apple. Microsoft is not held liable for vulnerabilities in third party apps whether bundled or not. Apple should not be either.
Posted by Marty Hillman | September 8, 2009 10:55 AM
Marty: I did not mean to imply you were not computer literate, as you sound very seasoned and competent, and you have about 5 years over me. I am also an MCSE, MCP+ and have worked for both large and small companies in my 15 years in IT, and most Director/manager level IT people in my experience were completely out of touch due to being hands off for so many years. My last company spanned 3 regions in the US and Canada with the corporate headquarters being in Germany. We managed 600 users in our Southern Cal office with a Data center with 100 servers (mostly NT) and several AS400's, so I have similar experience with you in that regard. I have chosen recently to move to a smaller company to get away from corporate politics. Yes, when we were running Windows XP here, there have been occasional infections, but since we have moved to Vista in 2007, we have not had 1 single compromised PC or laptop. It's very simple, my users do not run as local admin, and with Vista's tighter security it makes our PC's harder to infect. As for the Mac OS, it has been proven without a doubt that it can be exploited...but with less than 10% market share Windows is a better target, and that is just a fact.
Posted by A Mirza | September 8, 2009 4:46 PM
I agree. Windows is a better target. And there are many exploits especially where social engineering is concerned. The fact that Kevin Mitnick can no longer find a host who is willing to tolerate the number of attacks launched at him in particular bears this out. And Mac has not been immune to attacks as demonstrated by the Ethical Hacker Challenge as reported by this periodical.
No system is more secure than any other. It is a matter of for whom the black hats are willing to spend their time developing attacks. Social engineering seems to be currently the most prevalent. And there is no system secure from social engineering attacks unless the mantra of "perfect paranoia is perfect awareness" is the foremost.
The main point I observed from the article to which we are referencing is that because 1) Apple has included anti-virus, 2) Java had 15 updates, 3) Adobe Flash has a newer version available, is that Mac is inherently insecure because Apple has not addressed these issues before release of the latest OS. In the PC world of Microsoft, these would never be cited as faults of Windows, but of the respective manufacturers. Yet they are touted here as Apple security issues as though they are the responsibility of Apple.
Fault Apple where you may. They are definitely run as a mini-dictatorship by Steve Jobs. Just look at the App Store for the iPhone and the FCC's current (and I might add justified) inquiries. All is not great in the Mac world. But to fault Apple for security issues in third party apps is inherently wrong. To blame the entire platform is a stretch.
And I am not trying to pick a fight or be defensive, but I did take it as a personal affront because it directly addressed my post and attacked what I had stated. To quote Warehouse 13 (yes, on the SciFi channel), "John Adams was a farmer. Abraham Lincoln was a small town lawyer. Plato, Socrates were teachers. Jesus was a carpenter. To equate judgement and wisdom with an occupation is at best insulting." But I bear no ill will over it.
Posted by Marty Hillman | September 8, 2009 11:38 PM
Marty: I do apologize for any offensive remark made and I will file it in my black book not to do it again. Back to the article in question, I think the main point being made is that Apple is doing a huge disservice to its user base by making them feel as if they are invulnerable using a Mac. Just listen to the Ad: "I want one that just works without thousands of viruses and tons of headaches". That implies that Macs are immune from compromise, which is a complete lie. So let's say the OS is iron clad...if someone can use QuickTime or Adobe Flash or Java for Mac even to compromise your machine, it is not invulnerable, pure and simple. I can only smile and nod my head in pity when I tell a Mac user that they should be proactive and take a few measures to protect themselves and they ask "why?"
Posted by A Mirza | September 9, 2009 12:49 PM