So that clueless joe-public can do updates and the like without hassles. Probably so that Micro$oft can also send "updates" without asking your permission (also the default setting - automatic updates that often aren't needed). Macs and Linux are largely immune to most attacks since no program can run without first getting admin permission.
I believe this problem was really aggravated by the emergence of the web and web browsers, particularly Netscape in the mid-nineties. Not to absolve OS vendors of their responsibility to market secure code, but almost everything anyone has downloaded for the last dozen years or so has been via a browser. And, if memory serves, many browsers had "execute on download" set up as an opt-out preference, including Apple's Safari. You can still tell Safari to automatically execute "safe" binaries, which strikes me as a foolish thing to do.
Windows' problem was that it surfaced at a time when any network it might be on would be small and trusted, i.e., an office. If you have complete control of your little network, and it doesn't talk to any other machines, there's no real reason not to trust downloads, because the only downloads will come from one of your own machines. Bring in the web, though, and that game is done.
About file extensions: Noticing them is a smart thing for anyone who knows what they are. Sadly, that eliminates quite a few people. (Probably about as many as don't know what an f-stop is.) Plus, correct me if I'm wrong, but a file does not require a ".exe" extension on Windows to be executable. That's very true on Linux, OS X and any other Unix derivative.