They're mad at Windows for having vunderabilities? Isn't that somewhat hypocritic?
Nope. Apple has no vunderabilities.
Don't kid yourself
I'm sure if they exploited Aqua (which probably runs as priviledged)...there would be your vulnerability.
UNIX, on the other hand, has an advantage. All users are under priviledged ... the question isn't really whether the system can be exploited, it's weather malicious code can be executed with priviledges. Because of this, it's difficult to screw up the system ... unless one of the priviledged daemons or processes have an exploit. For example, ping has suid bit set ... if you found some sort of buffer exploit, in say, getopt() then you could do damage ... although ping surrenders root after it makes a raw socket.