Could Apple not then revoke their certificate, preventing any future occurrences?
Yes, and additionally if I’m reading this correctly, this attack would only work for people whose security settings are to run any signed code from trusted developers. One of the standard options is trusting only App Store distributed code for which this attack would not work
Most people install at least some kind of software from outside the App Store.
Popular examples: VLC Media Player, LibreOffice, Adobe Software, Firefox, Dropbox, Transmission, TeamViewer
Especially lots of FOSS applications aren’t on the AppStore, many aren’t even notarized.
Cracked pirated software isn’t notarized either of course.
Sure. And I don’t have that setting enabled personally, but I am careful otherwise and I tell my family members who don’t know better to keep it on.