"Their"... Was there some other vendor worse than Microsoft? It has seemed sane to attempt to avoid infection on every other platform I have used in the last 15 years or so.
Microsoft had the biggest market share, and a near monopoly on unskilled users who don't understand the consequences of their actions. Other operating systems didn't have much better security, but they were less attractive to malware authors.
Now the mobile systems are the mass market thing. AV never took off because the sand boxing and app vetting, while not perfect, is more effective than AV ever was.
Though I must say, Microsoft did create a mess with its office macros and handling of file extensions. For a while they were certainly guilty of offering an environment that made it tough for the layman to know the manner in which something would open.
Well, allowing script to run in email, and insult to injury, running them in "local" (ie full privileges) security zone didn't help... not locking down the filesystem and jet (which has fs access) active-x controls earlier on from browser (and flash, ugh) access were significant.
It wasn't just IE though, Netscape had plenty of points to exploit.
"Their"... Was there some other vendor worse than Microsoft? It has seemed sane to attempt to avoid infection on every other platform I have used in the last 15 years or so.