For pretty much all the senior people at Apple, security is one of the top jobs on their list. When we think about security and how we design software, the basic approach is to make it as secure as possible, because most people really aren't security experts. We try to make sure things are pretty well locked down out of the box. |
Our target is to do it promptly. How quickly that can be done depends on a lot of variables, in terms of how much information we get and how complex the things are to address. |
Proof of concepts are out there but end users have not been affected by exploits in the wild the way they typically are with some other platforms. It's never good to say don't be concerned about security, however, the actual effects on users of our platform are minimal. |
There is certainly a tendency to make news out of every potential exploit on the Mac simply because it is more unusual than on some other platforms. A lot of times when you look behind the news, it is a little bit of a stretch. |
We don't feel that our customers are better served by public disclosure of potential issues. We think that in the general case, people who need to know about issues are the ones that can actually fix the bugs. |
We're in the process of investigating and addressing them. I think it is important to note that although these are potential vulnerabilities, there are no know exploits to them and they are not affecting customers today. |