It's only a matter of time really, no security is impregnable.
Thing is that it's one area where a lower marketshare is useful; much like with Macs until the last few years; there's just not enough of them out there to make it worthwhile for hackers to bother putting the effort in.
There's a little truth to that, but it's a bit of an overused pet excuse, particularly of Mac haters.
Mac OS X is inherently more secure than Windows XP because of it's UNIX structure. Even when you do see a Mac exploit, it is never remotely close to the severity of the rampant crap you'd see on Windows XP. The worst thing I ever heard of was the Java exploit, and Oracle was as much to blame for that as Apple was.
Now, Windows 7 is
much more secure than XP was, so that gap has narrowed significantly. As long as you're not reckless and you use some kind of protection an average user can use Windows 7 and not wind up gummed up with malware.
It's true that there are much fewer exploits attempted on less popular systems, but passive (OS architecture and policy based) and active security measures are just as, if nor more important.
iOS is extremely popular, yet you virtually never hear about malware on the iPhone or iPad. It's definitely not due to a lack of popularity or people trying to exploit it. It's because of the "walled garden" that Android fans love to gripe about. By closing off key parts of the core OS and carefully curating the app store, Apple avoids this malware nonsense that plagues Android.
Windows Phone had a similar approach. Microsoft deliberately followed Apples model of keeping much of the core of the OS under lock and key, carefully controlling the app market and applying strict security policies. Like Apple and unlike Google, Microsoft prioritizes the quality of the end user experience over leaving things wide open for any developer, OEM, carrier or malware author to crap all over.
Windows Phone and iOS are NEVER going to have the type and number of security problems that Android does because of this.