Are Macs vulnerable to viruses?

Yes, we're seeing more and more headlines about viruses, worms, and other types of malware targeting the Mac. But before you start panicking, read on.

For years, it was pretty much a given that Macs were, for all intents and purposes, virus-free. While malware writers were having a field day with Windows, especially in the late 90s/early 2000s (remember the Melissa virus from 1999, or the "ILOVEYOU" worm from 2000, or 2001's "Code Red"?), Macs seemed impervious to infection.

So, what's so special about the Mac OS—or is it just that Windows is riddled with security holes? Well, one could argue about the relative security merits of Macs and PCs all day, but the fact remains that Windows—which still holds a commanding lead over Mac OS X in terms of market share—is simply a more tempting target for hackers.

That said, Macs have been enjoying a boost in popularity over the past few years, and as Chris wrote back in November, malware writers are undeniably starting to eye the Mac OS.

Case in point: OSX.Leap.A, a Trojan horse discovered in February 2006 that looks like a compressed JPEG file; once decompressed, Leap.A tries to install itself into the Mac OS and spread itself over the iChat IM application.

Also worrisome: RSPlug.A, a Trojan from last November that disguises itself as a QuickTime video component. Fire it up, and RSPlug.A will work its way into your Mac's DNS settings, making your system more vulnerable to phishing attacks.

Spooky stuff—but I wouldn't freak out just yet.

While security experts warn that they've been spotting more and more examples of Mac malware in recent months (as many as 150, warns security firm F-Secure), consider this: more than 50,000 Windows viruses (according to some estimates, at least) are currently circulating in the wild.

Indeed, the Mac has yet to be hit with anything approaching the scale of, say, the "ILOVEYOU" worm (which clogged inboxes worldwide).

If you're really paranoid, you can always buy and install antivirus software for the Mac—but personally, I think it's overkill, given the relatively small number of Mac viruses that have been discovered.

Instead, try these easy tips, which should ward off the vast majority of hack attacks:

Don't open suspicious e-mail attachments: Seems obvious, but happens all the time—and it's one of the most popular ways for hackers to gain access to your system. The golden rule: if you get an e-mail attachment from someone you don't know, don't open it.

Don't launch suspicious applications: Most Trojan Horses work their way into your Mac through executable applications. For example, if you're visiting a Web site and you're prompted to install a missing component (a la RSPlug.A), do yourself a favor—don't do it. The latest version of the Mac OS will warn you before installing any new applications; make sure you know what you're installing before you click "OK."

Turn on the firewall: If you're working from your home or office network, your wired or wireless router will keep you reasonably secure from attackers. But if you're using an open Wi-Fi hotspot or any other public network, close off any open ports that might leave your vulnerable to hackers. In Mac OS Leopard, select the Security pane, click the Firewall tab, and select the "Allow only essential services" radio button; then click Advanced and click the Enable Stealth Mode checkbox.

Enable password protection: Believe it or not, your Mac is much more vulnerable to garden-variety thieves than from viruses. Turning on password protection isn't a bullet-proof defense against hackers who are physically at the keyboard, but at least you won't be leaving the door wide open. Go to System Preferences, select the Security pane, click the General tab, and check the "Require password to wake this computer from sleep or screen saver" box.