Is this not a BROWSER exploit? Is OSX really to blame?
Exactly how does the application download itself in the first place? I'm assuming it's via a browser, in which case is it not the fault of the browser software for allowing installation of software on the machine without first prompting the user to accept that download, as opposed to it being the fault of OSX for running an application as it normally would once it is installed?