Some security experts worry that Mac customers who opt to run the Windows operating system will need reminding to keep up with all the various viruses and other threats.
Users installing Windows XP on Intel-based Macs face some special security issues, a security expert said Thursday.
By applying Apple Computer's just-released Boot Camp, Mac owners can now create a dual-boot system that runs either Mac OS X or Windows XP. It's the latter that worries Ken Dunham, the director of the rapid response team at security intelligence firm iDefense.
"When a Mac is booted into Windows, it can be attacked by the same [exploits] that threaten any Windows PC," said Dunham. "If you're running an unpatched version of Windows XP on any box, it'll be hacked pretty quickly."
Of the two operating systems, "naturally with Windows you're more at risk," said Dunham. Neither Mac OS X or Windows are invulnerable to attack -- the former was the subject earlier this year of its first zero-day bug -- but the latter is, by far, the one that draws most attacker attention.
But it's not the vulnerability of Windows that concerns Dunham; it's the fact that the Mac will have multiple operating systems on its hard drive.
"It's the best of both worlds [having Mac OS X and Windows] on one machine, but the user also has to manage two OSes."
Typically, argued Dunham, people are less diligent about updating their secondary system, whether that's an at-home machine (when the primary is at the office) or a second computer used by children. The same applies here.
"This dual-boot may create another set of Windows installs that are secondary systems, ones that might not be patched as often as they should be," Dunham said.
On the bright side, an attack on the Windows XP part of the Mac probably wouldn't have an effect on the Mac OS X partition. "It actually appears to be a pretty good design," said Dunham, who noted that while the Mac OS can read (and depending on the formatting of the Windows partition, also write to) the Windows volume, the opposite's not true.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.