Oh I see you dont’ deal with big enough customers or government business to understand how this was/is a significant point of attack.
Yes there are huge risks with that point of attack, but you’re right if you’re a home user it’s doubtful that it will be exploited. But if a government was using Mac OS X at that point they would be vulnerable.
Why are you crowing about a mere "speck" in the eye of OS X, while ignoring the multiple "logs" in your own preferred platform's eyes, for-q?
I fully understand it was a potential point of attack with "huge risks"—there have been thousands of such potential points of attack on Windows—but I also understand that this one for OS X was never exploited. I also understand that such an exploit depended on the existence of an already compromised—by some other means—computer on the local area network where the targeted computers are connected before it could have been a danger. I also completely understand that this so-called "significant point of attack" was in a very early version of a developing technology and that the vulnerability was present only for a very short time before it was pro-actively CLOSED, SEALED SHUT, ENDED by Apple soon after it was discovered, before it was ever known about by anyone who could have exploited it.
The point is, for-q, Apple added digital security signature technology to all of its Software Update packages to prevent a success of man-in-the-middle attacks using this means of attack. That preventive measure is something not done by Microsoft for Windows Update until at least a year after Apple did it.
Shall we discuss some of the "logs" in Windows eyes? Shall we talk about all the "significant points" of attacks that existed in every version of Windows of the past, for-q? Ones that were actually exploited... for example, the vulnerabilities used by the various versions of the Conficker/downadup/kido worm that did indeed infect thousands of military and government computers this past year?
Are you aware, for-q, after Apple had closed the vulnerability you are claiming "has already been done" implying to readers of this thread that the mere existence of the vulnerability means that it WAS exploited and that the Mac has been infected with malware, that the man-in-the-middle attack WAS used by crackers to intercept update requests from Windows' users and infect those users' computers?
You, with your claim "that it has already been done," are apparently incapable of understanding the difference between a potential vulnerability and a real world, out-in-the-wild, exploit doing actual damage.
By the way, The US Army is using Mac OS X for their website:
and is deploying more for security reasons because it would make them more secure.