However, Krebs told CSO that while he suspects Apple wishes it had moved more quickly with the earlier Java patches, "it remains unclear how or if this incident has caused the company to take other such risks more seriously, or if indeed it has served to make Apple's attitudes toward security any less opaque."
Blake Turrentine, of HotWAN and a trainer for Black Hat, said he hasn't seen a shift. He said he has a difficult time finding antivirus products in Apple stores. "When I talk to one of those folks in the blue shirts, I ask them where's the antivirus software," he said. "Their 'programmed' answer is that Macs don't get viruses, they may get malware. Often they tell me they've been running without antivirus on their own personal systems for years and never had a problem."
"I guess ignorance is bliss when you're an unsuspecting player in a botnet," Turrentine said. "Forget that your shiny new Mac is shipped from China."
Read more about application security in CSOonline's Application Security section.