Users buy computers, so any infection in a user's computer could technically be defined as a result of user action.
Many people use Java, Flash, Adobe Reader and a host of other plugins / applications for valid reasons. After installed, sometimes these plugins can be exploited without any further user action.
Can we be done now?