More than half of enterprises are using devices with out-of-date operating systems – and it’s leaving them wide open to attacks

More than half of organizations have at least one device running on an out-of-date operating system, according to mobile device management firm Jamf.

For its latest Security 360 Report, Jamf anonymously examined a sample group consisting of over 150,000 Mac devices, discovering a concerning trend of poor security hygiene.

Over the last year, researchers found 53% of organizations discovered they had devices with critically out-of-date operating systems.

Meanwhile, 95% of applications that the team assessed contained at least one medium-severity vulnerability, with 62% requesting dangerous permissions and 21% containing privacy-impacting behaviours.

A quarter of organizations said they'd had a user fall victim to a phishing link, while 18% reported that users had connected to risky unsecured public networks.

Jamf warned that advanced threat groups are stacking vulnerabilities to create sophisticated exploits and targeting at-risk users.

Through zero-click and browser attacks, Apple and Android devices remain an active threat vector. An attack on WhatsApp users through an image-parsing vulnerability (CVE-2025-43300) and the weaponization of vulnerabilities through JavaScript have allowed spyware groups to proliferate through one-click attacks.

“Our goal with this research is to spread awareness among security leaders regarding the risks impacting their organizations so that they can ensure threat detection, compliance enforcement and response capabilities are aligned with their Mac and mobile devices,” said Michael Covington, vice president of portfolio strategy at Jamf.

“Avoidance of a holistic, proactive approach to Mac and mobile security places any organization at unnecessary risk."

macOS threats are diversifying

In terms of macOS environments, the threat landscape is more diverse than ever before.

Despite Apple's use of security measures such as Gatekeeper, System Integrity Protection (SIP), and Transparency, Consent, and Control (TCC), 44% of devices experienced malicious network traffic and 26% of organizations were hit by cryptojacking attacks.

Last year, trojans were the top adversarial attack strategy, representing about half of all attacks – a big change from 2024 when infostealers and adware topped the list.

All told, Jamf said trojans, infostealers, adware, and potentially unwanted applications accounted for 90% of all attacks on Mac devices. PuAgent was the most common family of malware, at 16.41%.

More than half (58%) of organizations are running Macs with a critically out-of-date OS, while 73% of evaluated Mac devices contained at least one vulnerable application.

"Organizations across all sorts of industries choose Mac to keep their employees productive, secure and happy," said Jamf technical writer Hannah Bien.

"The popularity of Mac hasn’t gone unnoticed; attackers are creating targeted attacks specifically for Mac. These attacks change constantly. Infostealers are evolving, establishing persistence and taking more data than ever before. Advanced threat groups remain a significant danger."

FOLLOW US ON SOCIAL MEDIA

Follow ITPro on Google News and add us as a preferred source to keep tabs on all our latest news, analysis, views, and reviews.

You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.