I think the 'TrustedInstaller' and 'System' accounts would be a better start for total system-wide access, but the Administrators group would definitively be enough for the user to have to reinstall the system.
:iagree: As long as you communicate at all, you will always be vulnerable :iagree:
As written earlier, the obscurity of a system will always determine how vulnerable it is. In that context it should come as no surprise that at both ends, M$ is worst off and various Linux distros will sail along with no sign of malware at all. It still does not mean that the latter is invulnerable, only that they have so far not been exploited. If you surf using an ancient system, you will likewise be safe as there is no code tailored for the system on the net today, but there will of course be other inconveniences doing it that way (lack of i.e. Flash/HTML5 support or other).
In the coming years, Apple will be put on an ongoing and thorough security test as they have come above the radar and are a feasible target for whatever the malware-coder(s) want to achieve. I suspect Apple will have a hard time saying it is 'the first time' for very long...
With that being said, there is a good side-effect arising from such 'non-controlled' security tests (that is how we should view exploits) and that is more secure operating systems in the future. That is, if the company takes it seriously - which may come as a rude wake-up call... $0.02