That's disappointing, both that the vulnerability exists in the first place, and that Apple takes over a year to not even fix it.

They're a struggling company and can't hire top talent.

Not as disappointing as the discover's decision to leave affected users ignorant and hence at risk.