Re: "the savvy user always had to fuss with anti-malware"
That savvy user never revisited the vendors site to get security patches either, not that they would have found any had they tried. The only common recourse back then was to buy the next version which might or might not have security patches applied. App stores for all their faults do at least provide a mechanism to allow important security patches to be pushed out to the customers.