This is an article by Paul Rubens on Serverwatch. Paul analyses the difference between Apple and the FreeBSD (security) Team with regard to tackling security problems:
Apple is making a lot of money these days. The more money it makes, the greater the contempt for its customers it seems to display. A critical bug recently discovered in FreeBSD, and the speed with which this bug was resolved, illustrates this rather well. If you use Apple’s products in your business, be afraid; be very afraid.
Here’s how the sorry story unfolds. FreeBSD 8.0 was released last week, and the latest version of the UNIX-like OS was generally received with approval. FreeBSD enjoys a good reputation with its followers, and many OSes and products contain code based on or borrowed from the OS, including Juniper routers, and — ironically, as we shall see — Mac OS X.
So far so good. Until Monday morning, when researcher Nikolaos Rangos announced he discovered “an unbelievable [sic] simple local r00t bug in recent FreeBSD versions,” along with some exploit code. The vulnerability affected the 8.0 release, as well as the older 7.1 and 7.0 versions of FreeBSD.
All software has bugs, but it’s by how people react when things go wrong that you can judge them. Did the FreeBSD folks sit around and do nothing? Did they busy themselves with other things and leave 8.0, 7.1 and 7.0 users vulnerable to pwnage? No, they did not!