Two things:
1. Agreed with everyone else, in that the summary is written in such a way that one would interpret VLC infected. Bad form on the summary writer's part. (insert rant about /. editing style, rabblerabble)
2. This is zero to do with FOSS. Even paid software can be used to shovel-out any form of virii, malware, digital Bubonic Plague, etc. This is about people downloading any and everything that has a link attached, from 'trusted' sources and flashing banner ads.
I'm going to make this real simple, Internet Security 101-style: If you download something and you don't make the MONUMENTAL effort to scan it with whatever virii scanner you're using. You deserve what you get. True, virus scanners are not the be-all/end-all of security, but considering most of these infections are lazily coded, your scanner of choice would probably find the source of the infection, but probably their Twitter, Facebook, Google, and grocery shopping lists, too.
You wouldn't stchup a prostitute without a condom, right? (I hope!) Same thing applies when you 'jack in' to the intertubez.