A bit of ransom-ware by the name of Mac Defender is exploiting a default setting in safari that will automatically launch any installer package that you download. It still requires the user to go through the steps of installing the software including entering their administrator password. Apparently this hasn’t prevented hundreds of users from installing the bogus software. It seems to do nothing but pop up ads and messages to lure the user to pay $79.99 to remove the infection. Easy, free removal instructions are available here. But let this be a lesson. Don’t type your password if you don’t know why it is asking for it. Don’t install things you didn’t know you downloaded.