For years, Apple users taunted Windows users for all of the malware and security vulnerabilities that plagued the various Windows operating systems. Well, things have changed a bit. Mac OS and iOS now have more vulnerabilities than Windows.
Apple led the way in 2015, with a total of 384 vulnerabilities for Mac OS X, closely followed by iOS with 375. Adobe held the next four spots, with three going to AIR (with AIR, the AIR SDK and AIR SDK and compiler) at 246 each, followed by Internet Explorer at 231. Google Chrome was next with 187 vulnerabilities, followed by Firefox at 178, which just shows that despite decades on the market, browsers are still a mess.
The highest-ranking Microsoft operating system was, in fact, Windows Server 2012 at 155 vulnerabilities. Windows 7, 8 and 8.1 had 147, 146 and 151, respectively. After that it was a mix of Acrobat, Linux and other products.
Now, you may note the three Windows desktop operating systems combined come out to 444, except that if you ever look at the patches Microsoft issues, they are common across all of the operating systems. That's why there's only a tiny difference between the three versions.
Vista also made the list, with 135 vulnerabilities, putting it fairly close to its newer versions. So there is overlap. The same applies to the three Adobe AIR entries. Not sure why they split them out but the fact that all three had the exact same vulnerabilities means they were common to all three versions.
It does not help that the Mac OS X platforms are not broken out while Windows versions are. That's probably because there are so many versions of Mac OS X out there.
Steam Analytics lists 10 different versions of Mac OS X, each with tiny percentages of market share. And in fairness, while iOS has a lot of vulnerabilities, none of them are as nasty as the ones found on Android, like the malvertising that could destroy your phone or the Stagefright 2.0 virus.
Which is the silver lining for the Mac and its poor showing. It's important remember that it's not purely the number of vulnerabilities that matter but the severity of them. The vulnerabilities list is just the total number reported, not how bad they are. A bunch of minor stack overflows is nothing compared to malware that completely takes over your system.
But the Apple faithful can no longer make claims to being bulletproof.