All software has flaws, no matter how carefully you vet it. So the question isn't how to write perfect code, but how to respond to mistakes as you find them. And while Apple has earned a strong reputation for security, a string of significant vulnerabilities in macOS and iOS have strained Apple's safety net—and led some security researchers and developers to question whether the issues are systemic.

Take the release of Apple's macOS High Sierra operating system at the end of September. Within ten days, the company had to fix two critical bugs. A third-party app could be used to steal credentials from the keychain, and the password hint for encrypted Apple File Systems volumes revealed passwords in plain text. Then, at the end of November, security researchers publicly announced that anyone could get root access to a Mac running High Sierra simply by typing the word "root".

The bug was so glaring that Apple pushed a fix within a day, impressive speed for such a large company.

"Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS," Apple said in a statement to WIRED after the initial "root" bug incident—a rare admission from the company. "We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again."

'Clearly there’s something going on there. It defies explanation as a coincidence at this point.' Thomas Reed, Malwarebytes Labs

But then the fix had serious bugs of its own, not surprising given how little time the company had to test it. And that lapse joins a parade of similar software hiccups, not just in macOS but across Apple's platforms. Throughout 2017 in general, the company was fixing numerous problematic bugs, including dozens in iOS 10, and a particularly jarring update in May that impacted all of the company's operating systems and services, fixing 66 unique vulnerabilities. Several of those vulnerabilities allowed for remote execution; a hacker wouldn't have needed physical access to the devices to compromise them.

Shortly after iOS 11 came out in September, iPhones began to autocorrect the letter "i" to "A." While not a security issue, it was highly visible—and irritating—to much of Apple's customer base. And as recently as last week, Apple released an iOS 11 fix for a remote HomeKit vulnerability that wasn't easy to exploit, but could have allowed a motivated attacker to compromise important smart home devices like door locks.

Apple still offers better security than its competitive set by most metrics. But security researchers say that this uptick in vulnerabilities may point to deeper problems.

"In my opinion, Apple's desire to get all of its platforms—iOS, macOS, watchOS, and tvOS—on the same public relations, product management, and marketing-friendly annual release cycle is starting to take a toll," says Pepijn Bruienne, a research and development engineer at Duo Security who focuses on Apple products. "While I feel that Apple's overall platform security vision across all of its products is the best in the industry bar none, the pace seems to be taking a toll on the quality assurance portion of the software development process."

Several researchers pointed to that quality assurance testing process, speculating that it either lacks the manpower or the clear direction to make thorough enough assessments. Apple said itself that it is "auditing our development processes," which could hint at a vetting and testing issue, but it could also speak to the other concern researchers have voiced of late: the pressure for Apple to release overhauled software every 12 months.

"Apple’s had problems before, and they can’t be blamed for that because everybody’s going to run into a bug sooner or later," says Thomas Reed, the director of Mac and mobile in the threat tracking and analysis group at Malwarebytes Labs. "What’s really been unusual in the last month or so is just the sheer number of bugs. Clearly there’s something going on there. It defies explanation as a coincidence at this point. And since so many of these are coming up in High Sierra and iOS 11, it makes you wonder if they rushed those releases for some reason and put them out too soon when they weren’t really ready for public consumption."

'I hope alarms are going off at Apple headquarters, because they seem to be losing the grip on their user experience and software quality.' iOS Developer Marin Todorov

Some longtime Mac administrators are nostalgic for a release like Apple's OS X 10.6 Snow Leopard from 2009, a deliberate and contemplative iteration of Apple's splashy, feature-packed Leopard release the previous year. "Snow Leopard was such a good, stable release because Apple really spent a lot of time fixing bugs for it," Reed says. "They really need to do the same thing again at this point, because every release lately has been so heavily weighted toward new features. I think they need to slow it down a little on the new features and concentrate in the next release on fixes."