Symantec's bashing..

I'd say Symanctec have a very clear agenda on this. After all, they sell antivirus software. Its like an alarm salesman telling you how unsafe your house is, they have their own angle.

Thats not to say that I'd ignore security issues. I make sure I run an antivirus scan on my files weekly, but at present this is more a courtesy for all the Windows users I share files with, than out of any genuine worry about viruses on the Mac. I know that if a Mac virus did appear, it would be big news, but I'm not expecting to see one for a couple of years yet.
Slowly I begin to feel that the longer Symantec and some others cry "small wolf might be ahead" that we might actually not listen at all once a real wolf comes along...
It's true though that Apple's record on patching security issues is not very good - they seem to have the mentality of a closed source company, not realizing that they ship an open source product, so they really don't have control over the disclosure schedule of vulnerabilities in (MIT Kerberos, OpenSSH, Apache, OpenSSL, OpenLDAP, Postfix, ClamAV, ...)

I recall about two years ago, the OpenSSH vulnerabilities came out - Linux and BSD distros all had the patches out in about two or three days, the closed source Unix vendors like IBM, Sun, HP, took more like a week or two (SCO took forever, but they don't count). And Apple didn't get a patch out for a month or more, by which time exploits were in the hands of the most useless of script kiddies.

One interesting thing in the report is the difference they make between "vendor confirmed" vulnerabilities in IE, and "vulnerabilities" in Firefox - Microsoft has patched numerous vulnerabilities in IE in the past year silently, without ever confirming them. So MSFT's dishonesty counts in their favour in this report.
Even though Symantec is trying to sell a product I think they do have a good point. We Mac guys do take our current security for granted. A lot of people go around bragging out about how invincible their Macs are, I am actually quite surprised no one has written a virus out of spite of the jerkoffs bragging about their superior security.

I personally don't use anti-virus software, even on my Windows PC, I never have and so far that hasn't been a problem. I am not worried about viruses on OS X, I just wish people would shut-up about how invincible OS X is.
Fortunately, Apple has been smarter than its fans. They make very little mention about security. If they started advertising how invincible it (currently) is, about two days later we'd all get hit.