"Mac OS is really vulnerable," he claimed, "and Apple recently invited us to improve its security. We've begun an analysis of its vulnerabilities, and the malware targeting it," said Grebennikov.
"Our first investigations show Apple doesn't pay enough attention to security. For example, Oracle closed a vulnerability in Java, which was a target for a major botnet several months ago. Apple blocked Oracle from updating Java on Mac OS, and they perform all the udpates themselves. They only released the patch a few weeks ago two or three months after the Oracle patch. That's far too long," he said. "This botnet, which the security community identified, is a huge sign that Apple's security model isn't perfect."
Read More [via 9to5Mac]