The Register® — Biting the hand that feeds IT

Anonymous Coward

From what I can see Apple caused this by delaying the distribution of Java 6 update 31 and the fact that I imagine a majority of Mac owners do not use AV.

There were numerous stories about the Java exploit in March, and no doubt it was known before: http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/ Somebody at Apple obviously thought it wasn't important, as Windows is always the target.

The "beauty" of Java exploits is that they are reliable, cross-platform, and allow the installation of OS-specific malware without user intervention. All it takes is a visit to a compromised site, or even compromised OpenX ads: http://krebsonsecurity.com/2012/05/openx-promises-fix-for-rogue-ads-bug/ I believe the O2 arena site's OpenX ads were tainted around 4th April.

The other thing is that all major operating systems have areas that users can write to, and although I've never used OS X, I expect the user can add applications to run at start-up too, in a user-specific file. No admin privileges required, so no admin password.

The Apple response is shockingly bad. From what I can gather, Lion users get a Java update and a "common variants" removal tool, Snow Leopard users get only a Java update, and if you're on Leopard or before, disabling Java is the only viable solution. For many this is OK, as Java use seems to be vastly overestimated, but as mentioned previously, many Mac users are not IT literate, so something like removing Java could be rather taxing, and I don't mean that in a bad way.

As the old Apple slogan went, "It just works", and now it's changed to "It just installs malware" unless you keep your OS X up to date.
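The commenter's point about user-writable start-up locations is the defender's concern too: on macOS the per-user launchd directory ~/Library/LaunchAgents can be written by any process running as that user, so a login-persistence entry needs no admin password. The script below, an added example rather than anything from the Register page or its commenter, audits such a directory for agents that start a program at login from outside a set of trusted install locations. The trusted prefixes, the field names checked (Program, ProgramArguments, RunAtLoad, KeepAlive, which are the standard launchd keys) and the two sample plists are assumptions constructed for the demo, so it runs on any host, not only a Mac.

```python
"""Audit per-user LaunchAgents for login persistence that needs no admin rights.

Added example, not code from the original page. It assumes the standard macOS
per-user directory ~/Library/LaunchAgents; the sample plists are constructed
here so the audit can be exercised offline on any OS.
"""
import os
import plistlib
import tempfile

# Locations a legitimately installed program is expected to run from (assumption
# for the demo; tune to the fleet's actual software baseline).
TRUSTED_PREFIXES = ("/Applications/", "/System/", "/usr/bin/", "/usr/libexec/", "/Library/")


def audit_launch_agents(directory):
    """Return findings for plists in `directory` that run a program at login
    from outside TRUSTED_PREFIXES, or that cannot be parsed at all."""
    findings = []
    if not os.path.isdir(directory):
        return findings
    for name in sorted(os.listdir(directory)):
        if not name.endswith(".plist"):
            continue
        path = os.path.join(directory, name)
        try:
            with open(path, "rb") as fp:
                agent = plistlib.load(fp)  # handles both XML and binary plists
        except Exception as exc:
            findings.append({"file": name, "reason": f"unparseable plist ({exc})"})
            continue
        # launchd accepts either a single Program string or a ProgramArguments list.
        program = agent.get("Program")
        if program is None:
            args = agent.get("ProgramArguments") or []
            program = args[0] if args else None
        if program is None:
            findings.append({"file": name, "reason": "no Program or ProgramArguments"})
            continue
        # RunAtLoad starts the job at login; KeepAlive restarts it if it exits.
        starts_at_login = bool(agent.get("RunAtLoad")) or bool(agent.get("KeepAlive"))
        if starts_at_login and not program.startswith(TRUSTED_PREFIXES):
            findings.append({"file": name,
                             "reason": f"starts {program} at login from an untrusted location"})
    return findings


def build_sample_dir():
    """Write two constructed plists to a temp dir: one benign, one that points
    into a hidden directory under the user's home. Demo data only."""
    d = tempfile.mkdtemp()
    benign = {
        "Label": "com.example.updater",
        "ProgramArguments": ["/Applications/Example.app/Contents/MacOS/updater"],
        "RunAtLoad": True,
    }
    hidden = {
        "Label": "com.example.hidden",
        "ProgramArguments": ["/Users/demo/Library/.cache/agent", "-r"],
        "RunAtLoad": True,
        "KeepAlive": True,
    }
    for fname, data in (("com.example.updater.plist", benign),
                        ("com.example.hidden.plist", hidden)):
        with open(os.path.join(d, fname), "wb") as fp:
            plistlib.dump(data, fp)
    return d


if __name__ == "__main__":
    # Real use: point it at the current user's LaunchAgents directory.
    target = os.path.expanduser("~/Library/LaunchAgents")
    results = audit_launch_agents(target) or audit_launch_agents(build_sample_dir())
    for f in results:
        print(f"{f['file']}: {f['reason']}")
```

Run as-is it audits ~/Library/LaunchAgents and, if that yields nothing (or the host is not a Mac), falls back to the constructed samples, reporting only com.example.hidden.plist. An entry that starts a program from inside the user's own home directory is the pattern this check exists to surface; an allow-list of install locations is crude, so treat a hit as something to inspect, not as proof of infection.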