They misrepresented that event in tooting their own horn.
The Mac was breached only after the ‘user’ clicked on a link to a malicious site. Before that, some of the normal protections afforded by the Mac and the OS were intentionally compromised by the ‘user’.
I’ve used many Apple computers for years, and I am tech support for dozens of clients (over the years, probably hundreds of Apple computers), and I have never experienced, or heard from my clients that they experienced, any take-over of an Apple computer.
In the wild, it just doesn’t happen. To make it happen in a demonstration project, the user has to first do several stupid things to allow it to happen.
It was first because they worked for weeks in advance to find and exploit a bug and first publicly used it at the conference. The bug was there, but the relative time to hack was meaningless.
The conference you are referring to was CANSEC WEST (Canadian Security Conference West) and the Mac was indeed taken over first... and it took only two minutes to accomplish. However, the security consultant who did it, Charles Miller, is an ex-NSA computer expert whose team of himself and two other ex-NSA computer experts worked THREE WEEKS to find the security vulnerability and construct a means of exploiting it.
They did NOT use a "known vulnerability" (except that it was known to them because they had discovered it in the preceding three weeks) in OS X, but rather a vulnerability in JAVA. Miller stated that his exploit would have worked on any of the three OSes in the challenge as well. He just wanted the MacBook Air, which was the prize if he compromised it.
None of the three machines failed during the first day when the attack had to work via an external attack. The winning exploit only worked after the first day of the contest when the rules were relaxed and user participation was allowed. The exploit worked because the referees were required to navigate to a prepared site and click on a link or download a file and install it.
Incidentally, the team that broached the Windows Vista machine did it in under six hours with no prior preparation...