Windows, macOS or Linux: Who is more vulnerable to malware and why?


The Clubic Studio

December 1, 2023 at 4:47 p.m.

1

Windows macOS security © Shutterstock x Clubic.com

Windows, macOS or Linux: Who is more vulnerable to malware and why?

In the antediluvian war that rages between users of Windows, macOS and, to a lesser extent, Linux, one argument often holds the upper hand: security. But is there really one operating system more vulnerable than another? Should we install a anti-virus on all systems?

Many factors come into play to determine the security of an operating system: its market share, the presence of a free and native antivirus or even the frequency of security updates. But the intrinsic security of an OS should not be the subject of obsession. The omnipresence of the web in our IT uses, as well as the new threats that this phenomenon has brought, has greatly modified the cybersecurity landscape. Hackers tend to no longer rely solely on the weaknesses of the operating system to achieve their goal.

The importance of the user base

Even if one might believe that the bad luck only affects Windows, the threat of an attack looms over all operating systems. None of them are free from security flaws. Certainly, there are developers more sensitive to security issues than others, but no one can prevent every possible attack imaginable. Sometimes the flaws come not from the code itself, but from the dependencies used.

However, finding flaws takes effort. This time-consuming task limits hackers: like a fortress, it is complex to scrutinize its walls to find an opening. So, many focus on the most popular operating system: Windows. In the first quarter of 2020, Windows represented 75% of the operating system market. Over this same period, it is reported that Microsoft’s operating system was the target of 83% of attacks. We thus note that criminals always prefer the most popular platform, a logical choice when we know that it is possible to reach more devices through this means. It is also because Windows has a price on its head that Microsoft is deploying all possible means to protect its users. To respond to attackers, the Redmond firm has chosen an increasingly efficient Windows Defender. Added to this solution is a much faster deployment of updates in the latest versions of the operating system.

The platform doesn’t matter to hackers, as long as it’s popular

Today Windows is the most popular OS, but what will it be tomorrow? The certainty is that hackers will go where the money is. If a Linux distribution gains popularity, it is certain that the number of associated vulnerabilities discovered will multiply. As for macOS, Apple may have cultivated a good image regarding its cybersecurity and confidentiality, but the threats persist and will always be more numerous if the Mac becomes the computer of Everyman. Of course, Apple developers could tighten the screw and make macOS a more closed platform, like iOS, but many examples (like the recent Pegasus affair) have proven that a closed ecosystem is not really of the safest.

Viruses are not cross-platform

A virus is ultimately just a program, hence the name malware which refers to software, or software in English. Because it exploits flaws in the very structure of the operating system, the virus code is tailor-made to accomplish its task. In other words, malware intended for Windows will not work on macOS and vice versa.

ransomware © Shutterstock

Viruses are not cross-platform

There are exceptions, but they are rare and flaws that affect several platforms are generally patched very quickly. However, hackers seem to be abandoning operating systems in favor of entry points that are easier to access, or even with greater loot.

Today’s threats go beyond the operating system

In the age of the web, there is something to make hackers happy; deep interconnection of our devices, Big Data, the dematerialization of administrations and banking institutions, without forgetting the democratization of cryptocurrencies. For good reason, these new trends generate numerous opportunities. Browsers and the web are gradually supplanting operating systems to become the only tools the user needs. Chrome OS is the perfect example; To function in everyday tasks, Google’s operating system relies almost exclusively on its browser and the company’s applications. Moreover, hackers are increasingly monitoring Chrome and its new versions in order to find backdoors. This fact is clearly visible when we see the frequency with which the Mountain View firm publishes security updates, sometimes in response to “zero day” vulnerabilities. It must be said that with two thirds of the market share, Chrome is becoming the new darling of hackers.

Many applications today include a connected dimension, whether through the cloud or through dependence on third-party services, making them vulnerable to attacks exploiting one or the other. The defunct Flash, used by many sites and software, was no stranger to attacks.

Big Data, big problem

Data collection and centralization also involves the largest data leaks ever observed. The Twitch source code leak is only the most recent example in the collective memory. With usernames and passwords numbering in the millions, hackers are hoping to hit the jackpot by committing the virtual heist of the century. Although this data is sometimes encrypted, some companies leave passwords and other codes available in the clear. This was the case with Twitch.

Flaws don’t just exist in the code

Finally, we cannot forget the hardware flaws which, even if they have greatly lost popularity, remain present. The Meltdown and Specter flaws are painful reminders of the threats these attacks pose. There are several reasons why hardware flaws are less present today. If we had to name just one, it would most certainly be the loss of interest inherent in reverse engineering (necessary to find this type of fault) of computer components.

The operating system is not everything, good practices are essential

As we mentioned, Microsoft, Apple and Linux distribution developers cannot protect you from all threats. This is because of the many flaws that exist independently of the work of the editors. There are software and hardware flaws, the risks of data leaks, but there is one last risk that we have not discussed: you.

Since the pandemic, hackers have understood that the Achilles heel of the system was not software, a browser or a security flaw on an OS module, but the user in charge of all that. As a result, numerous manipulation techniques have emerged. Its simplest form is just a fraudulent email, generally accompanied by a link or an infected file (more commonly called phishing, or phishing in the language of Molière). In its most elaborate versions, user exploitation acts as the weak link, commonly called social engineering. It thus becomes a real psychological hack, the aim of which is to infiltrate an organization by making the member believe that he is part of it. In most cases, it is easier to gain access to confidential data by pretending to be a system administrator from a remote employee than to scan a hyper-secure cloud system for information. ‘a small breach.

Ransomware © Shutterstock

Ransomware

Avoiding phishing remains relatively helpful. This method is often based on fear or greed, you just need to carefully analyze emails that are “too good to be true” or those warning of imminent danger. Whether it is a mistake in the text or in the sender’s address itself, there is always a detail that betrays the deception. In the case of social engineering, these tips also apply, but you must also be careful when requesting identifiers, whether by email or telephone. Of course, you should never communicate information about your institution outside of the internal communication channels deployed.

Ultimate good practice for the road: make updates. Yes, this advice goes without saying, but it is worth remembering. Since updates generally require a restart of the operating system or browser, they generally involve the loss of open windows, as well as a somewhat long shutdown time on smaller machines. At a time when our devices wake up almost instantly, it’s not easy to think about restarting. But let’s remember that these updates are made for a reason. It is not wise to procrastinate and leave loopholes open for so long.

Which antivirus to choose for Windows or macOS?

Certainly, a GNU/Linux distribution can do without an antivirus, but this is clearly not the case for Windows and macOS. There are a multitude of security solutions and here is the podium of our antivirus comparison below.

1

Bitdefender

Bitdefender

  • mood

    30 day trial

  • devices

    3 to 10 devices

  • phishing

    Anti-phishing included

  • local_atm

    Anti-ransomware included

  • groups

    Parental controls included

9.5

See the offer

2

Norton360

Norton360

  • mood

    14 day trial

  • devices

    10 devices

  • phishing

    Anti-phishing included

  • local_atm

    Anti-ransomware included

  • groups

    Parental controls included

9.3

See the offer

3

Avast One

Avast One

  • mood

    30 day trial

  • devices

    5 to 30 devices

  • phishing

    Anti-phishing included

  • local_atm

    Anti-ransomware included

  • groups

    No parental controls

9.2

See the offer

The Clubic Studio

The Clubic Studio

Clubic Studio is the creator of original content for Clubic partners. Behind Studio Clubic is a team of experts in brand content and content to commerce, which offers...

Read other articles

Clubic Studio is the creator of original content for Clubic partners. Behind Studio Clubic is a team of experts in brand content and content to commerce, which offers quality content to connect our advertisers with our readers.

Read other articles





Source link -99