Paul Thurrott, keeper of the "Supersite" (lol) for Windows, notes Apple's latest security update on his blog and writes: Really Paul? Maybe a little research will shed some light on that issue. According to Secunia, from 2003-2006, OS X had 69 security advisories. For the same period, Windows XP, on the other hand, had 124 security advisories. That's bad, but where the rubber meets the road for all users is when the discovery of security vulnerabilities moves from the security researcher's lab to actual malware in the wild. Here the vendor's response in patching known vulnerabilities is critical. Thurrott seems to think that if the roles were reversed and Apple, not Microsoft, ruled the OS landscape, the problem would still loom large. Is he right? He would be - if Apple exhibited the same behavior as Microsoft (it doesn't get any worse) in it's response to patching known security vulnerabilities in it's OS. After all, unpatched vulnerabilities ultimately lead to real world exploits and in the final analysis, that's what really matters. The vendor's role is, therefore, crystal clear in insuring that it's products remain secure as it matures in actual use. What has Apple's and Microsoft's record actually been in that regard? Apple's unpatched vulnerabilities: 0% remain unpatched Microsoft's unpatched vulnerabilities: 20% remain unpatched Apparently that bears repeating: 20%, ladies and gentleman, 20% remain unpatched. The witness is dismissed. And, in case your wondering what Microsoft's response to this issue is...ah, yes, here it is.