Apple faces a flurry of criticism for the long delay in patching the DNS flaw made public last month by Dan Kaminsky, director of penetration testing at Seattle-based IOActive Inc. For almost its entire time competing with Microsoft, Apple made fun the latter's alleged security flaws. However, Microsoft came a long way over the last decade, while Apple has apparently remained stuck.

After earlier this year Apple's OS X-running notebooks proved the most vulnerable to attacks among all major operating systems, now it took weeks longer for the Cupertino company to patch a severe security flaw involving the Internet's Domain Name System. Although it uses an operating system which is based on a well-designed BSD Unix, Apple was apparently incapable of providing a fast response to a real threat.

The flaw was patched late Thursday for its Tiger Server and Mac OS X Leopard/Tiger desktop systems. Security Update 2008-005 incorporates also guards against arbitrary code execution in CarbonCore, CoreGraphics, Data Detectors, Disk Utility, OpenLDAP, Open Scripting Architecture, OpenSSL, PHP, and rsync. Most major Internet players, such as Cisco and Microsoft, have updated their systems nearly two weeks ago.

If you're thinking: two weeks ain't that bad... think again! Apple, as well as other major OS vendors, has been notified on May 5. So, it took three months for Apple to finally roll out the update. Thus Apple is really the last OS vendor to update their system. It seems that Apple's priority is with releasing toys for its fans, rather than acquiring some serious technical expertise regarding servers (see MobileMe snafu) and security.