If the recent FileVault and Flashback trojan security snafus weren't strong enough indications, someone has now come out and said it: OS X's security leaves something to be desired. Or, as Kaspersky Lab CTO Nikolay Grebennikov put it in a chat with UK website Computing, "Mac OS is really vulnerable."
Going by what Grebennikov says, it sounds like the issue might not be so much OS X's inherent design as Apple's lax attitude and lack of proper response to security holes. Grebennikov cites a particularly damning example:
"Our first investigations show Apple doesn't pay enough attention to security," he said. "For example, Oracle closed a vulnerability in Java, which was a target for a major botnet several months ago." . . . "Apple blocked Oracle from updating Java on Mac OS, and they perform all the udpates themselves. They only released the patch a few weeks ago – two or three months after the Oracle patch. That's far too long," he said.
Grebennikov says OS X might not be the only victim of Apple's flawed approach to security. He also told Computing, "Our experience tells us that in the near future, perhaps in a year or so, we will see the first malware targeting iOS."