I can't say I'm honestly surprised judging on how crappy Apple's record is at patching vulnerabilities over the last few years. Windows Vista has consistently out performed all other major operating systems in this regard and Microsoft have spent a considerable sum on improving their development process in regard to security.
So anyway at the PWN to OWN contest held over the last three days crackers have been competing for a $10,000, and $5,000 prize. Their task was to crack a computer, there were three computers all running different operating systems. One running Mac OS X.5 (Leopard), one running Ubuntu 7.10 and one running Windows Vista SP1.
The first day was limited only to attacks over the network. All three machines survived.
The second day, the participants were allowed to open web pages, or e-mails. Mac OS X was compromised inside of two minutes.
Both Ubuntu and Windows Vista survived the day, and now the crackers can request that the judges allow "popular" 3rd party software onto the machines. As of this moment I believe both machines are still standing.
Both Linux and Windows have their fair share of crappy 3rd software, but I think Linux generally has more privilege escalation exploits, so we'll have to see how it goes.
So anyway, the next time some smug Apple fanboy comes up to you and goes on about security, politely remind them that they are full of it. And also consider reporting Apple to advertising regulators over their utterly misleading and down right false adverts.