:-)   I think you have no fear about that, at least insofar as installed applications are concerned.   Every corporation in the world has “its own” applications, and therefore has the need to be able to install them on “its own” computers.   But we do (finally!) live in a less-trusting world, in which “any ol’ application installer” that happens to show up on your doorstep will no longer be given the Administrator/Root password as a matter of course, and succeed quite unhindered in its possibly nefarious business.

Even though a few of the articles that you mentioned do seek to raise an alarm, the simple truth in the corporate environment is that corporations are full of home-grown applications that need to be installed upon other machines within their workplace.   What the companies in question need, even though they may not have formally recognized this need before now, is the ability to ensure that the “home-grown application” really did come from them!   Both Windows and OS/X, entirely of necessity, do provide the means for corporations to issue their own digital signing certificates that will be accepted within the corporation’s own designated trust chains (and of course, nowhere else).

(Let us meanwhile sincerely hope that the days are long-gone when any ol’ web site can download an “extension” and have it be installed automagically ...)

Your company IT department now has the ability to ensure that the only apps that can be installed upon “their” computers, are “theirs.”   (They can even exclude public applications, if they so choose.)   Therefore, if your application needs to be widely distributed within the company, you might have to construct a custom installer for it.   If, on the other hand, the application needs only to continue to run on the one machine where it is now situated, that is a much simpler requirement.