Prevx Blog

Dec 16th

The goal of anti-malware products

Posted by: Marco Giuliani

Sometimes it is useful to take stock of the situation and think about the role of anti-malware software.

Like almost everyone on the net, I've had a chance to read Apple's bulletin in which the company recommended using antivirus software on MacOS X to add more security layers to the operating system.

This bulletin triggered every possible kind of reaction, between those who were defending MacOS X security and those who, instead, had been waiting for such a claim to show that even Apple's operating system is prone to malware attacks.

I won't talk about the real security of MacOS X compared to Windows Vista or Linux. There are many articles and technical analyses on the Internet from which you can form your own conclusion.

What is wrong is thinking that a specific operating system isn't prone to malware attacks. Just one example: MacOS X is as prone to memory corruption attacks as Windows or Linux. Indeed, in some specific situations it's even worse. And over these years we've seen a massive increase in malware using software or operating system exploits.

With Windows Vista, Microsoft has made a big step forward in security. User Account Control, ASLR, DEP, Mandatory Integrity Control and User Interface Privilege Isolation can give attackers a hard time.

As on MacOS X and Linux, applications that want to interact with the system need administrator privileges, which are granted only after an explicit user choice.

When someone cites the market share of specific operating systems as the first reason why Windows is hit by malware attacks more than MacOS X or Linux, this is not a wrong argument.

Indeed, Windows has something like 89/90% of market share while MacOS X presently has about 5%. This is quite important, because it means Windows has a far wider range of users than Apple's OS.

Among this wide range of users, there are those who are called "experts" but, at the same time, there are many people who don't care at all about the security implications of executing an unknown file. And, moreover, these are the bigger part of users.

People who download cracks from peer-to-peer networks, people who run fake video or audio codecs, people who simply give administrator permissions to every piece of software that asks for them.

A big part of these people don't know what would change if they gave administrator privileges to applications, and they most likely don't want to know. They don't want to be bothered with problems while they use the PC. They want to use the PC as they like, and they need someone else to think about security for them.

I'm not talking about the minority of users who know how a limited account works and why it's useful, who are perfectly able to use a classic HIPS and answer every technical question the software asks them. Yes, those who really know all these security measures are the lower percentage.

This is the big concern when an operating system has a high percentage of market share like Windows. You can add limited accounts and every kind of protection; this would prevent some malware, but social engineering is still the primary vehicle of attacks, and against that there's really no solution when it's used against such a wide range of users.

MacOS X is as prone to memory corruption attacks as Windows, and it's as prone to social engineering attacks as Windows as well. It couldn't be otherwise.

When MacOS X gains more market share, the same people who are giving administrator permissions on Vista will most likely give root permissions on MacOS X.

This is where anti-malware software comes to the rescue. Beyond just preventing malware from running inside the limited user account, what would happen if, for any reason, a MacOS X user gave root permissions to the wrong file?

An anti-malware solution is able to stop the malware and prevent it from causing damage, by either signatures or heuristics. An anti-malware solution is able to remove the infection.

Yes, among those 5% of users, most know that they could back up and restore, or maybe they are experts and can write their own scripts to remove the infection. But this doesn't hold when you talk about 80/90% of market share; then people simply want something to defend them.

Another example: if an operating system gains these percentages of market share, you can be sure there will be an increase in cracked applications, a big vehicle of infections on Windows. What prevents the people who run infected cracks on Windows from giving them root permissions on MacOS X too?

Malware for MacOS X is out there. Yes, it isn't as widespread as Windows malware. If MacOS X starts becoming more used and better known, as it is, the people who run Windows will be the same people who run MacOS X.

If you run an anti-malware product, you have another layer of security, and it may detect a new piece of malware. If you don't run one and you wrongly give root permissions to a fake harmless application, you're infected. And you will need something to remove the infection.

Windows Vista and MacOS X are almost at the same security level. They are mainly vulnerable to one specific thing: user behavior. And this is where anti-malware makes the difference.
