"Open-source continues to be a popular vector for researchers looking for Mac OS X vulnerabilities," Storms continued. Researchers can look for fixed bugs in open-source code, and use that information to reverse-engineer an exploit against Apple's operating system secure in the knowledge that the company hasn't yet pushed out updates.

Apple also fixed three bugs in Flash that , five in the CoreGraphics component that could be exploited by malicious PDF files, and one in the built-in Spotlight search engine that hackers could leverage with a malicious Microsoft Office file.

But the highest-profile vulnerabilities today -- if only because they attracted so much media attention -- were the two bugs used at "Pwn2Own," the annual hacking contest sponsored by 3Com's TippingPoint.

Last March, Charlie Miller, an analyst at Independent Security Evaluators in Baltimore, won $5,000 and a MacBook after using a flaw in the Apple Type Services component of Leopard to break into the laptop in . Later that same day, a computer science student from Germany who would only give his first name as Nils exploited Apple's Safari by using a vulnerability in WebKit.

Apple patched both vulnerabilities today, nearly two months after the contest. Mozilla, in comparison, -- which Nils also hacked at the CanSecWest security conference on the same day he broke Internet Explorer 8 and Safari -- on March 27.