The reason this is troubling is: All apps that get published to the Apple store must be verified by Apple to not contain any malicious code. This is done through a process called Code signing. In the exploit Miller unveiled, an attacker would be able to pass a rogue app through the Apple store, then use it to contact a remote server and download and execute any arbitrary code from the server. A flaw such as this could result in a user’s private information being stolen by an Apple-approved app. This would decrease overall consumer confidence in Apple and might affect their stock price.
After the proof-of-concept was revealed to be an exploit, Apple responded by revoking Miller’s developer status. This is a controversial move, as Apple had three weeks after Miller disclosed the vulnerability to them to fix it. However, Miller’s app, Instastock, was in clear violation of the Terms of Service.
View the exploit in action here.