Joswiak also stood by the company's statement regarding Windows.

"Isn't that true?" he responded when asked about the company's statement about Windows not being robust in the face of viruses.

"We tried to be open and explain what's going on. We're not trying to dismiss our role."

The news about the infected iPods was the second such story in recent days. On Monday, McDonald's admitted that 10,000 MP3 players that were given away in a promotion in Japan also contained a worm, identified as WORM-QQPASS.ADH.

Both Poon and Abrams said that Apple's response to the infected iPods fell short of McDonald's, even though the burger giant has precious little experience in the consumer electronics space.

"The difference in how McDonald's and Apple handled similar incidents paints a stark difference between management integrity and customer service focus," Abrams wrote.

"Both cases were flawed manufacturing processes. Mistakes can happen and smart companies accept responsibility, make things right with the customer, and fix the problems. Lesser companies play the blame game," he wrote.

McDonald's fix: a single link to Trend Micro's "Housecall" online virus scanning service and an open offer to replace infected players for free also won praise over Apple's response: a bunch of links to free antivirus software trials, including Microsoft's OneCare program, Poon wrote.

"Steve, if you need someone to advise on how to improve your quality checks, feel free to contact me," Poon said, referring to Apple CEO Steve Jobs.

Software companies have long known about the potential to introduce viruses and other malicious code during the manufacturing process, and have developed procedures to catch such infections.

Two such episodes in a week might indicate that malicious hackers have figured out that consumer device makers are less vigilant in their oversight, said Dennis Szerszen, vice president of marketing and corporate strategy at SecureWave, an end point security software vendor.

Apple may have had more lax oversight around the iPod because it wasn't software and wasn't, in itself, targeted by malicious code, he said.

"There may have been less rigor because they weren't cutting and shipping an OS," he said.

Given that, Apple is lucky that it was a virus that shipped on the iPods rather than pornography, pirated software, or some kind of religious or political propaganda that would have been even more damaging to Apple's name, Abrams said.

iPods and other consumer devices are increasingly finding their way onto enterprise networks, and are an increasingly common vector for attacks, he said.

"The end point is the final frontier in enterprise security, because it's where you and I bring our recreational attitudes and personal choices for how to work to bear," he said.

Companies should set up stringent policies about whether and how to use consumer electronics devices at work, but also set up systems to monitor their use and prevent malicious attacks or infections that might be carried by iPods, PDAs, and other consumer devices, Szerszen said.