You may be surprised to learn that removing admin rights is no longer (and never really did) protect against app installs. Many developers have figured out they can just install into the user’s profile.
Only apps that truly need admin rights (that install services, etc.) would be blocked. Everything else is wide open.
The admin rights restriction on app installs was almost just a convention that people followed. Now that the app incentives have changed (malicious apps don’t try to take over the machine anymore, they just try to steal your data), admin rights restrictions are becoming irrelevant.
Note however this is only partially true for single user devices, where lack of admin rights does prevent some attacker persistence, and is not at all true for multi user devices e.g. the shared family PC.
I’m not following which part you’re saying is untrue. The number of users on the machine is irrelevant as each user can install apps into their own user profile. Maybe they won’t have access to the other users’ data, but it’s enough to gain a foothold.
Persistence is easy enough with startup shortcuts or scheduled tasks in each profile.
Also, I’m not saying these apps have some kind of hidden malware, I’m saying they are operating as designed, and usually offer features in exchange for letting them do things like upload your address book, etc.
Only apps that truly need admin rights (that install services, etc.) would be blocked. Everything else is wide open.
The admin rights restriction on app installs was almost just a convention that people followed. Now that the app incentives have changed (malicious apps don’t try to take over the machine anymore, they just try to steal your data), admin rights restrictions are becoming irrelevant.